Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ce13d6eb by Moritz Muehlenhoff at 2022-11-25T15:25:10+01:00
mark CVE-2022-39052 as NFU, znuny diverged a lot from OTRS 6.0 and the upstream
fixed several bugs which could be the one described by OTRS, but in the end
noone
will know for sure and it doesn't make sense to keep it open indefinitely
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -20505,7 +20505,9 @@ CVE-2022-39054 (Cowell enterprise travel management
system has insufficient filt
CVE-2022-39053 (Heimavista Rpage has insufficient filtering for platform web
URL. An u ...)
NOT-FOR-US: Heimavista Rpage
CVE-2022-39052 (An external attacker is able to send a specially crafted email
(with m ...)
- - znuny <undetermined> (bug #1024560)
+ NOT-FOR-US: OTRS
+ NOTE: Could possibly affect Znuny, we'll let their security team figure
it out
+ NOTE: Was also tracked as #1024560
CVE-2022-39051 (Attacker might be able to execute malicious Perl code in the
Template ...)
NOT-FOR-US: OTRS
NOTE: Could possibly affect Znuny, we'll let their security team figure
it out
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce13d6eb9d745646a59f30c1f2c277156eff3d53
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce13d6eb9d745646a59f30c1f2c277156eff3d53
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
