[Git][security-tracker-team/security-tracker][master] add ATS commit refs

Wed, 21 Dec 2022 02:14:35 -0800 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c9bcd666 by Moritz Muehlenhoff at 2022-12-21T11:13:55+01:00
add ATS commit refs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -23575,8 +23575,11 @@ CVE-2022-40744
        RESERVED
 CVE-2022-40743 (Improper Input Validation vulnerability for the xdebug plugin 
in Apach ...)
        - trafficserver 9.1.4+ds-1
+       [bullseye] - trafficserver <not-affected> (Vulnerable code not present)
+       [buster] - trafficserver <not-affected> (Vulnerable code not present)
        NOTE: https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02
-       TODO: check, appears to affect only 9.1.x versions
+       NOTE: 
https://github.com/apache/trafficserver/commit/eb5efe19e68e51db58a6320b4a99e3fc83336a14
 (master)
+       NOTE: 
https://github.com/apache/trafficserver/commit/20c857a785da93fa0e3263597207b5ef35b65b7c
 (v9.1.x)
 CVE-2022-3233 (Cross-Site Request Forgery (CSRF) in GitHub repository 
ikus060/rdiffwe ...)
        - rdiffweb <itp> (bug #969974)
 CVE-2022-3232 (Cross-Site Request Forgery (CSRF) in GitHub repository 
ikus060/rdiffwe ...)
@@ -32671,6 +32674,8 @@ CVE-2022-2634 (An attacker may be able to execute 
malicious actions due to the l
 CVE-2022-37392 (Improper Check for Unusual or Exceptional Conditions 
vulnerability in  ...)
        - trafficserver 9.1.4+ds-1
        NOTE: https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02
+       NOTE: 
https://github.com/apache/trafficserver/commit/3b9cbf873a77bb7f9297f2b16496a290e0cf7de1
 (master)
+       NOTE: 
https://github.com/apache/trafficserver/commit/0ba19c72b70a25e3dfbbc3f507427314ba2afd80
 (v9.1.x)
 CVE-2022-37391
        RESERVED
 CVE-2022-37390
@@ -45045,6 +45050,9 @@ CVE-2022-32750 (IBM DataPower Gateway 10.0.2.0 through 
10.0.4.0, 10.0.1.0 throug
 CVE-2022-32749 (Improper Check for Unusual or Exceptional Conditions 
vulnerability han ...)
        - trafficserver 9.1.4+ds-1
        NOTE: https://lists.apache.org/thread/mrj2lg4s0hf027rk7gz8t7hbn9xpfg02
+       NOTE: https://github.com/apache/trafficserver/pull/9243
+       NOTE: 
https://github.com/apache/trafficserver/commit/71a80d1abb3fbcb2e30ff850c8bca0a371589b5a
 (master)
+       NOTE: 
https://github.com/apache/trafficserver/commit/590f87304b233791169af3d5899c5ba135bb61fa
 (9.1.x)
 CVE-2022-32748
        RESERVED
 CVE-2022-32747



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c9bcd666bcb67f0359c91fc8d8bd05e8499dded1

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c9bcd666bcb67f0359c91fc8d8bd05e8499dded1
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to