[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sun, 27 Nov 2022 12:10:49 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
4e0708ff by security tracker role at 2022-11-27T20:10:31+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2022-45935
+       RESERVED
 CVE-2022-45934 (An issue was discovered in the Linux kernel through 6.0.10. 
l2cap_conf ...)
        - linux <unfixed>
        NOTE: 
https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/?id=ae4569813a6e931258db627cdfe50dfb4f917d5d
@@ -13313,13 +13315,13 @@ CVE-2022-42006
 CVE-2022-42005
        RESERVED
 CVE-2022-42004 (In FasterXML jackson-databind before 2.13.4, resource 
exhaustion can o ...)
-       {DSA-5283-1}
+       {DSA-5283-1 DLA-3207-1}
        - jackson-databind 2.14.0-1
        NOTE: https://github.com/FasterXML/jackson-databind/issues/3582
        NOTE: 
https://github.com/FasterXML/jackson-databind/commit/063183589218fec19a9293ed2f17ec53ea80ba88
 (jackson-databind-2.13.4)
        NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50490
 CVE-2022-42003 (In FasterXML jackson-databind before 2.14.0-rc1, resource 
exhaustion c ...)
-       {DSA-5283-1}
+       {DSA-5283-1 DLA-3207-1}
        - jackson-databind 2.14.0-1
        NOTE: https://github.com/FasterXML/jackson-databind/issues/3590
        NOTE: 
https://github.com/FasterXML/jackson-databind/commit/d78d00ee7b5245b93103fef3187f70543d67ca33
 (jackson-databind-2.14.0-rc1)
@@ -55198,7 +55200,7 @@ CVE-2021-46708 (The swagger-ui-dist package before 
4.1.3 for Node.js could allow
        - node-swagger-ui <itp> (bug #871461)
        - swagger-ui <itp> (bug #895422)
 CVE-2020-36518 (jackson-databind before 2.13.0 allows a Java StackOverflow 
exception a ...)
-       {DSA-5283-1 DLA-2990-1}
+       {DSA-5283-1 DLA-3207-1 DLA-2990-1}
        - jackson-databind 2.13.2.2-1 (bug #1007109)
        NOTE: https://github.com/FasterXML/jackson-databind/issues/2816
 CVE-2018-25031 (Swagger UI before 4.1.3 could allow a remote attacker to 
conduct spoof ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e0708ff57808933be3fa327163fe84de7e186b9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e0708ff57808933be3fa327163fe84de7e186b9
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to