Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
26e773ad by Salvatore Bonaccorso at 2022-12-03T18:52:48+01:00
Associate CVE-2022-29167 with node-hawk
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -50169,7 +50169,10 @@ CVE-2022-29169 (BigBlueButton is an open source web
conferencing system. Version
CVE-2022-29168 (Wire is a secure messaging application. Wire is vulnerable to
arbitrar ...)
NOT-FOR-US: wire-webapp
CVE-2022-29167 (Hawk is an HTTP authentication scheme providing mechanisms for
making ...)
- NOT-FOR-US: Hawk (mozilla/hawk, different from itp'ed hawk, #634344)
+ - node-hawk <unfixed>
+ NOTE:
https://github.com/mozilla/hawk/security/advisories/GHSA-44pw-h2cw-w3vq
+ NOTE: https://github.com/mozilla/hawk/pull/286
+ NOTE:
https://github.com/mozilla/hawk/commit/ade134119bf1fdc4909d00f5a952c966f0075ad3
CVE-2022-29166 (matrix-appservice-irc is a Node.js IRC bridge for Matrix. The
vulnerab ...)
NOT-FOR-US: Matrix-appservice-bridge
CVE-2022-29165 (Argo CD is a declarative, GitOps continuous delivery tool for
Kubernet ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/26e773ad96ddbc72f4b43d005a874aa4f409c7db
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/26e773ad96ddbc72f4b43d005a874aa4f409c7db
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
