Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1e706af0 by Moritz Muehlenhoff at 2022-12-05T13:18:41+01:00
bullseye triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -11308,9 +11308,10 @@ CVE-2022-43397 (A vulnerability has been identified in
Parasolid V34.0 (All vers
CVE-2022-43396
RESERVED
CVE-2022-3591 (Use After Free in GitHub repository vim/vim prior to 9.0.0789.
...)
- - vim 2:9.0.0813-1
+ - vim 2:9.0.0813-1 (unimportant)
NOTE: https://huntr.dev/bounties/a5a998c2-4b07-47a7-91be-dbc1886b3921
NOTE:
https://github.com/vim/vim/commit/8f3c3c6cd044e3b5bf08dbfa3b3f04bb3f711bad
(v9.0.0789)
+ NOTE: Crash in CLI tool, no security impact
CVE-2022-3590
RESERVED
CVE-2022-3589 (An API Endpoint used by Miele's "AppWash" MobileApp in all
versions wa ...)
@@ -12451,9 +12452,10 @@ CVE-2022-42964 (An exponential ReDoS (Regular
Expression Denial of Service) can
NOTE:
https://research.jfrog.com/vulnerabilities/pymatgen-redos-xray-257184/
NOTE: Doesn't seem to be reported upstream so far
CVE-2022-3520 (Heap-based Buffer Overflow in GitHub repository vim/vim prior
to 9.0.0 ...)
- - vim 2:9.0.0813-1
+ - vim 2:9.0.0813-1 (unimportant)
NOTE: https://huntr.dev/bounties/c1db3b70-f4fe-481f-8a24-0b1449c94246
NOTE:
https://github.com/vim/vim/commit/36343ae0fb7247e060abfd35fb8e4337b33abb4b
(v9.0.0765)
+ NOTE: Crash in CLI tool, no security impact
CVE-2022-3519 (A vulnerability classified as problematic was found in
SourceCodester ...)
NOT-FOR-US: SourceCodester Sanitization Management System
CVE-2022-3518 (A vulnerability classified as problematic has been found in
SourceCode ...)
@@ -12703,9 +12705,10 @@ CVE-2022-3493 (A vulnerability, which was classified
as problematic, has been fo
CVE-2022-3492 (A vulnerability classified as critical was found in
SourceCodester Hum ...)
NOT-FOR-US: SourceCodester Human Resource Management System
CVE-2022-3491 (Heap-based Buffer Overflow in GitHub repository vim/vim prior
to 9.0.0 ...)
- - vim 2:9.0.0813-1
+ - vim 2:9.0.0813-1 (unimportant)
NOTE: https://huntr.dev/bounties/6e6e05c2-2cf7-4aa5-a817-a62007bf92cb
NOTE:
https://github.com/vim/vim/commit/3558afe9e9e904cabb8475392d859f2d2fc21041
(v9.0.0742)
+ NOTE: Crash in CLI tool, no security impact
CVE-2022-3490 (The Checkout Field Editor (Checkout Manager) for WooCommerce
WordPress ...)
NOT-FOR-US: WordPress plugin
CVE-2022-3489 (The WP Hide WordPress plugin through 0.0.2 does not have
authorisation ...)
=====================================
data/dsa-needed.txt
=====================================
@@ -61,7 +61,7 @@ sox
--
tiff
--
-vlc
+vlc (jmm)
Maintainer proposed update for review, to be acked for upload
--
xfce4-settings (corsac)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1e706af008a48a951e49c5a8c4eaa2349df052a9
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1e706af008a48a951e49c5a8c4eaa2349df052a9
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
