Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8b199b06 by security tracker role at 2022-11-26T20:10:25+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2022-45910
+       RESERVED
 CVE-2022-45909 (drachtio-server 0.8.18 has a heap-based buffer over-read via a 
long Re ...)
        TODO: check
 CVE-2022-45908 (In PaddlePaddle before 2.4, paddle.audio.functional.get_window 
is vuln ...)
@@ -4643,7 +4645,7 @@ CVE-2022-44641 (In Linaro Automated Validation 
Architecture (LAVA) before 2022.1
        NOTE: 
https://git.lavasoftware.org/lava/lava/-/commit/1bee0f8957741582c2bed800974f31439c6f3ff5
 (2022.11)
 CVE-2022-44640 [Invalid free in ASN.1 codec]
        RESERVED
-       {DSA-5287-1}
+       {DSA-5287-1 DLA-3206-1}
        - heimdal <unfixed> (bug #1024187)
        NOTE: 
https://github.com/heimdal/heimdal/security/advisories/GHSA-88pm-hfmq-7vv4
        NOTE: 
https://github.com/heimdal/heimdal/commit/ea5ec8f174920cb80ce2b168b49195378420449e
 (heimdal-7.7.1)
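Review bot: In the CVE-2022-44640 entry the advisory set now names both DSA-5287-1 and DLA-3206-1 while the `- heimdal <unfixed> (bug #1024187)` line is unchanged, so the entry records stable and LTS as covered and unstable as still open. The NOTE already points at the upstream fix commit tagged heimdal-7.7.1; when a fixed heimdal is uploaded to unstable, replace `<unfixed>` with that version and keep the bug reference. The same applies to the other heimdal `<unfixed>` lines touched by this commit.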
@@ -11110,7 +11112,7 @@ CVE-2022-42899 (Bentley MicroStation and 
MicroStation-based applications may be
        NOT-FOR-US: Bentley
 CVE-2022-42898 [krb5_pac_parse() buffer parsing vulnerability]
        RESERVED
-       {DSA-5287-1 DSA-5286-1}
+       {DSA-5287-1 DSA-5286-1 DLA-3206-1}
        - heimdal <unfixed> (bug #1024187)
        - krb5 1.20.1-1 (bug #1024267)
        - samba 2:4.17.3+dfsg-1
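Review bot: The brace list on CVE-2022-42898 now holds three advisories (`{DSA-5287-1 DSA-5286-1 DLA-3206-1}`) against three source packages (heimdal, krb5, samba), and nothing in the entry says which advisory covers which package. Confirm in the DLA list that DLA-3206-1 is filed against the intended source package, because this entry would accept the cross-reference for any of the three, and anyone reading it to decide whether krb5 or samba has an LTS fix could draw the wrong conclusion.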
@@ -11658,7 +11660,7 @@ CVE-2022-42704
        RESERVED
 CVE-2022-3437 [Buffer overflow in Heimdal unwrap_des3()]
        RESERVED
-       {DSA-5287-1}
+       {DSA-5287-1 DLA-3206-1}
        - samba 2:4.16.6+dfsg-1
        - heimdal <unfixed> (bug #1024187)
        NOTE: https://www.samba.org/samba/security/CVE-2022-3437.html
@@ -13450,7 +13452,7 @@ CVE-2022-41918 (OpenSearch is a community-driven, open 
source fork of Elasticsea
 CVE-2022-41917 (OpenSearch is a community-driven, open source fork of 
Elasticsearch an ...)
        NOT-FOR-US: OpenSearch
 CVE-2022-41916 (Heimdal is an implementation of ASN.1/DER, PKIX, and Kerberos. 
Version ...)
-       {DSA-5287-1}
+       {DSA-5287-1 DLA-3206-1}
        - heimdal <unfixed> (bug #1024187)
        NOTE: 
https://github.com/heimdal/heimdal/security/advisories/GHSA-mgqr-gvh6-23cx
        NOTE: 
https://github.com/heimdal/heimdal/commit/eb87af0c2d189c25294c7daf483a47b03af80c2c
 (heimdal-7.7.1)
@@ -75197,7 +75199,7 @@ CVE-2021-4081 (pimcore is vulnerable to Improper 
Neutralization of Input During
        NOT-FOR-US: Pimcore
 CVE-2021-44758 [spnego: send_reject when no mech selected]
        RESERVED
-       {DSA-5287-1}
+       {DSA-5287-1 DLA-3206-1}
        - heimdal <unfixed> (bug #1024187)
        NOTE: 
https://github.com/heimdal/heimdal/security/advisories/GHSA-69h9-669w-88xv
        NOTE: 
https://github.com/heimdal/heimdal/commit/f9ec7002cdd526ae84fbacbf153162e118f22580
 (heimdal-7.7.1)
@@ -97581,7 +97583,7 @@ CVE-2021-37716 (A remote buffer overflow vulnerability 
was discovered in Aruba S
 CVE-2021-37715 (A remote cross-site scripting (XSS) vulnerability was 
discovered in Ar ...)
        NOT-FOR-US: Aruba
 CVE-2021-3671 (A null pointer de-reference was found in the way samba kerberos 
server ...)
-       {DSA-5287-1}
+       {DSA-5287-1 DLA-3206-1}
        - heimdal 7.7.0+dfsg-3 (bug #996586)
        [stretch] - heimdal <no-dsa> (Minor issue)
        - samba 2:4.13.13+dfsg-1
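Review bot: Under CVE-2021-3671 the `[stretch] - heimdal <no-dsa> (Minor issue)` annotation stays in place while DLA-3206-1 is added to the same entry. Check which release DLA-3206-1 targets: if it is a release other than stretch, both statements can stand, but a per-release `<no-dsa>` line for the DLA's own release (outside the three lines of context shown here) would now contradict the advisory and should be dropped.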
@@ -237672,7 +237674,7 @@ CVE-2019-14871 (The REENT_CHECK macro (see 
newlib/libc/include/sys/reent.h) as u
        NOTE: 
https://census-labs.com/news/2020/01/31/multiple-null-pointer-dereference-vulnerabilities-in-newlib/
        NOTE: https://keithp.com/blogs/picolibc-string-float/
 CVE-2019-14870 (All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 
and 4.11 ...)
-       {DLA-2668-1}
+       {DLA-3206-1 DLA-2668-1}
        - samba 2:4.11.3+dfsg-1
        [buster] - samba <no-dsa> (Minor issue)
        [jessie] - samba <no-dsa> (Minor issue)
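Review bot: Under CVE-2019-14870 every visible package line is for samba (`- samba 2:4.11.3+dfsg-1` plus the buster and jessie `<no-dsa>` lines), yet DLA-3206-1 is the advisory that every other changed entry in this commit pairs with a heimdal line. Check that this entry has a heimdal package line below the shown context; if it does not, either add one or confirm that the DLA really lists this CVE, since an advisory reference with no matching package line cannot be mapped to a fixed version.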



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b199b06f8076ca217ccf55c9cbd78b5c14b4bdc
