[Git][security-tracker-team/security-tracker][master] Add information of retrospectively added CVE-2022-3266/thunderbird

Thu, 22 Dec 2022 12:30:44 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
449ec7df by Salvatore Bonaccorso at 2022-12-22T21:29:56+01:00
Add information of retrospectively added CVE-2022-3266/thunderbird

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -22460,7 +22460,8 @@ CVE-2022-3268 (Weak Password Requirements in GitHub 
repository ikus060/minarca p
 CVE-2022-3267 (Cross-Site Request Forgery (CSRF) in GitHub repository 
ikus060/rdiffwe ...)
        - rdiffweb <itp> (bug #969974)
 CVE-2022-3266 (An out-of-bounds read can occur when decoding H264 video. This 
results ...)
-       TODO: check
+       - thunderbird 1:102.3.0-1
+       NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2022-42/#CVE-2022-3266
 CVE-2022-41322 (In Kitty before 0.26.2, insufficient validation in the desktop 
notific ...)
        - kitty 0.21.2-2 (bug #1020582)
        [bullseye] - kitty <no-dsa> (Minor issue)


=====================================
data/DLA/list
=====================================
@@ -361,7 +361,7 @@
        {CVE-2022-32886 CVE-2022-32888 CVE-2022-32923}
        [buster] - webkit2gtk 2.38.0-1~deb10u1
 [27 Sep 2022] DLA-3123-1 thunderbird - security update
-       {CVE-2022-40956 CVE-2022-40957 CVE-2022-40958 CVE-2022-40959 
CVE-2022-40960 CVE-2022-40962}
+       {CVE-2022-3266 CVE-2022-40956 CVE-2022-40957 CVE-2022-40958 
CVE-2022-40959 CVE-2022-40960 CVE-2022-40962}
        [buster] - thunderbird 1:102.3.0-1~deb10u1
 [27 Sep 2022] DLA-3122-1 dovecot - security update
        {CVE-2021-33515 CVE-2022-30550}


=====================================
data/DSA/list
=====================================
@@ -202,7 +202,7 @@
        {CVE-2021-45943}
        [bullseye] - gdal 3.2.2+dfsg-2+deb11u2
 [27 Sep 2022] DSA-5238-1 thunderbird - security update
-       {CVE-2022-40956 CVE-2022-40957 CVE-2022-40958 CVE-2022-40959 
CVE-2022-40960 CVE-2022-40962}
+       {CVE-2022-3266 CVE-2022-40956 CVE-2022-40957 CVE-2022-40958 
CVE-2022-40959 CVE-2022-40960 CVE-2022-40962}
        [bullseye] - thunderbird 1:102.3.0-1~deb11u1
 [23 Sep 2022] DSA-5237-1 firefox-esr - security update
        {CVE-2022-40956 CVE-2022-40957 CVE-2022-40958 CVE-2022-40959 
CVE-2022-40960 CVE-2022-40962}



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/449ec7df00cb3df73fbf48b80161b60ae3455907

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/449ec7df00cb3df73fbf48b80161b60ae3455907
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to