Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6a173a3c by Salvatore Bonaccorso at 2023-02-23T11:00:14+01:00
Move listing of CVE-2022-3970, CVE-2022-3626 and CVE-2022-3598 to DSA-5333-1
entry
- - - - -
2 changed files:
- data/CVE/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -22558,7 +22558,6 @@ CVE-2022-3971 (A vulnerability was found in
matrix-appservice-irc up to 0.35.1.
CVE-2022-3970 (A vulnerability was found in LibTIFF. It has been classified as
critic ...)
{DLA-3278-1}
- tiff 4.4.0-6 (bug #1024737)
- [bullseye] - tiff 4.2.0-1+deb11u3
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53137
NOTE:
https://gitlab.com/libtiff/libtiff/-/commit/227500897dfb07fb7d27f7aa570050e62617e3be
NOTE: https://oss-fuzz.com/download?testcase_id=5738253143900160
@@ -30042,7 +30041,6 @@ CVE-2022-3627 (LibTIFF 4.4.0 has an out-of-bounds write
in _TIFFmemcpy in libtif
CVE-2022-3626 (LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemset in
libtiff/tif ...)
{DLA-3278-1}
- tiff 4.4.0-5 (bug #1022555)
- [bullseye] - tiff 4.2.0-1+deb11u3
NOTE:
https://gitlab.com/libtiff/libtiff/-/commit/236b7191f04c60d09ee836ae13b50f812c841047
NOTE: https://gitlab.com/libtiff/libtiff/-/issues/426
CVE-2022-3625 (A vulnerability was found in Linux Kernel. It has been
classified as c ...)
@@ -30134,7 +30132,6 @@ CVE-2022-3599 (LibTIFF 4.4.0 has an out-of-bounds read
in writeSingleSection in
CVE-2022-3598 (LibTIFF 4.4.0 has an out-of-bounds write in
extractContigSamplesShifte ...)
{DLA-3278-1}
- tiff 4.4.0-5 (bug #1022555)
- [bullseye] - tiff 4.2.0-1+deb11u3
NOTE:
https://gitlab.com/libtiff/libtiff/-/commit/cfbb883bf6ea7bedcb04177cc4e52d304522fdff
(v4.5.0rc1)
NOTE: https://gitlab.com/libtiff/libtiff/-/issues/435
CVE-2022-3597 (LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in
libtiff/tif ...)
=====================================
data/DSA/list
=====================================
@@ -74,7 +74,7 @@
{CVE-2022-45060}
[bullseye] - varnish 6.5.1-1+deb11u3
[29 Jan 2023] DSA-5333-1 tiff - security update
- {CVE-2022-1354 CVE-2022-1355 CVE-2022-1622 CVE-2022-1623 CVE-2022-2056
CVE-2022-2057 CVE-2022-2058 CVE-2022-2519 CVE-2022-2520 CVE-2022-2521
CVE-2022-2867 CVE-2022-2868 CVE-2022-2869 CVE-2022-2953 CVE-2022-3570
CVE-2022-3597 CVE-2022-3599 CVE-2022-3627 CVE-2022-3636 CVE-2022-34526
CVE-2022-48281}
+ {CVE-2022-1354 CVE-2022-1355 CVE-2022-1622 CVE-2022-1623 CVE-2022-2056
CVE-2022-2057 CVE-2022-2058 CVE-2022-2519 CVE-2022-2520 CVE-2022-2521
CVE-2022-2867 CVE-2022-2868 CVE-2022-2869 CVE-2022-2953 CVE-2022-3570
CVE-2022-3597 CVE-2022-3598 CVE-2022-3599 CVE-2022-3626 CVE-2022-3627
CVE-2022-3636 CVE-2022-3970 CVE-2022-34526 CVE-2022-48281}
[bullseye] - tiff 4.2.0-1+deb11u3
[29 Jan 2023] DSA-5332-1 git - security update
{CVE-2022-23521 CVE-2022-24765 CVE-2022-29187 CVE-2022-39253
CVE-2022-39260 CVE-2022-41903}
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a173a3cb8452bfb8abfe451b653efdecf611062
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a173a3cb8452bfb8abfe451b653efdecf611062
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
