Markus Koschany pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8b5ce926 by Markus Koschany at 2023-02-19T17:30:56+01:00
CVE-2022-1471,snakeyaml: unimportant
Snakeyaml is not designed to process untrusted YAML input. This has been
clarified for users in version 1.33-2 with a README.Debian.security file.
See also Debian bug #1030046
- - - - -
823329f4 by Markus Koschany at 2023-02-19T17:33:20+01:00
CVE-2022-41854,snakeyaml: fixed in 1.33-1
According to the Google fuzzer this issue was fixed between 20220911 and
20220912. Version 1.32 was released back then. The first version in Debian was
1.33-1 and I assume this is fixed now. According to the CVE description the
parser would crash by stack overflow. A limit to the nesting depth of YAML
files has been already introduced with other CVE fixes, so that shouldn't
be a
problem anymore.
- - - - -
8cada0ea by Markus Koschany at 2023-02-19T17:38:31+01:00
CVE-2022-41854,snakeyaml: Buster is not affected
because this issue was addressed in version 1.23-1+deb10u1. Bullseye will be
fixed with a point update in the near future.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -33392,7 +33392,8 @@ CVE-2022-41856
CVE-2022-41855
REJECTED
CVE-2022-41854 (Those using Snakeyaml to parse untrusted YAML files may be
vulnerable ...)
- - snakeyaml <unfixed>
+ - snakeyaml 1.33-1
+ [buster] - snakeyaml 1.23-1+deb10u1
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50355
TODO: check details
CVE-2022-41853 (Those using java.sql.Statement or java.sql.PreparedStatement
in hsqldb ...)
@@ -66712,7 +66713,7 @@ CVE-2022-1473 (The OPENSSL_LH_flush() function, which
empties a hash table, cont
CVE-2022-1472 (The Better Find and Replace WordPress plugin before 1.3.6 does
not pro ...)
NOT-FOR-US: WordPress plugin
CVE-2022-1471 (SnakeYaml's Constructor() class does not restrict types which
can be i ...)
- - snakeyaml <unfixed>
+ - snakeyaml <unfixed> (unimportant)
NOTE:
https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2
CVE-2022-1470 (The Ultimate WooCommerce CSV Importer WordPress plugin through
2.0 doe ...)
NOT-FOR-US: WordPress plugin
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/7810985b3197b87328b0961c533dab1911a47e9d...8cada0ea4fb8132e0d35bae7b26fd955f3a1fc5f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/7810985b3197b87328b0961c533dab1911a47e9d...8cada0ea4fb8132e0d35bae7b26fd955f3a1fc5f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
