[Git][security-tracker-team/security-tracker][master] vim fixed in sid

Wed, 28 Dec 2022 09:47:35 -0800 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
cfbae1f7 by Moritz Mühlenhoff at 2022-12-28T18:46:13+01:00
vim fixed in sid
bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6003,7 +6003,7 @@ CVE-2022-4293 (Floating Point Comparison with Incorrect 
Operator in GitHub repos
        NOTE: 
https://github.com/vim/vim/commit/cdef1cefa2a440911c727558562f83ed9b00e16b 
(v9.0.0804)
        NOTE: Crash in CLI tool, no security impact
 CVE-2022-4292 (Use After Free in GitHub repository vim/vim prior to 9.0.0882. 
...)
-       - vim <unfixed> (unimportant)
+       - vim 2:9.0.1000-1 (unimportant)
        NOTE: https://huntr.dev/bounties/da3d4c47-e57a-451e-993d-9df0ed31f57b
        NOTE: 
https://github.com/vim/vim/commit/c3d27ada14acd02db357f2d16347acc22cb17e93 
(v9.0.0882)
        NOTE: Crash in CLI tool, no security impact
@@ -7705,7 +7705,7 @@ CVE-2022-4143
 CVE-2022-4142
        RESERVED
 CVE-2022-4141 (Heap based buffer overflow in vim/vim 9.0.0946 and below by 
allowing a ...)
-       - vim <unfixed> (bug #1027146)
+       - vim 2:9.0.1000-1 (bug #1027146)
        [bullseye] - vim <no-dsa> (Minor issue)
        [buster] - vim <postponed> (Minor issue)
        NOTE: https://huntr.dev/bounties/20ece512-c600-45ac-8a84-d0931e05541f
@@ -78447,7 +78447,7 @@ CVE-2021-46090
 CVE-2021-46089 (In JeecgBoot 3.0, there is a SQL injection vulnerability that 
can oper ...)
        NOT-FOR-US: JeecgBoot
 CVE-2021-46088 (Zabbix 4.0 LTS, 4.2, 4.4, and 5.0 LTS is vulnerable to Remote 
Code Exe ...)
-       - zabbix <undetermined>
+       NOTE: Zabbix security feature, not a vulnerability per se
        NOTE: closed upstream as a "feature", then changed in 5.4 to make the 
attack less likely
        NOTE: https://github.com/paalbra/zabbix-zbxsec-7
        NOTE: 
https://www.zabbix.com/documentation/3.0/en/manual/config/notifications/action/operation/remote_command
@@ -239533,7 +239533,7 @@ CVE-2019-16935 (The documentation XML-RPC server in 
Python through 2.7.16, 3.x t
        - python2.7 2.7.17~rc1-1
        [buster] - python2.7 2.7.16-2+deb10u1
        [jessie] - python2.7 <ignored> (Minor Issue, XSS in an unlikely 
use-case)
-       - jython <unfixed>
+       - jython <unfixed> (bug #1027149)
        [bullseye] - jython <ignored> (Minor Issue)
        [buster] - jython <ignored> (Minor Issue)
        [stretch] - jython <ignored> (Minor Issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cfbae1f76e4271509ca9b6b332f12d75e73eb5d9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cfbae1f76e4271509ca9b6b332f12d75e73eb5d9
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to