[Git][security-tracker-team/security-tracker][master] u-boot/buster is not affected by CVE-2022-33103 and CVE-2022-33967

Sun, 26 Feb 2023 14:19:05 -0800 


Adrian Bunk pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ab774c79 by Adrian Bunk at 2023-02-27T00:18:03+02:00
u-boot/buster is not affected by CVE-2022-33103 and CVE-2022-33967

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -54110,7 +54110,7 @@ CVE-2021-46825 (Symantec Advanced Secure Gateway (ASG) 
and ProxySG are susceptib
 CVE-2022-33967 (squashfs filesystem implementation of U-Boot versions from 
v2020.10-rc ...)
        - u-boot 2022.07+dfsg-1
        [bullseye] - u-boot <no-dsa> (Minor issue)
-       [buster] - u-boot <no-dsa> (Minor issue)
+       [buster] - u-boot <not-affected> (SquashFS support added in 2020.10)
        NOTE: https://lists.denx.de/pipermail/u-boot/2022-June/487467.html
        NOTE: 
https://source.denx.de/u-boot/u-boot/-/commit/7f7fb9937c6cb49dd35153bd6708872b390b0a44
 (v2022.07-rc6)
 CVE-2022-2249 (Privilege escalation related vulnerabilities were discovered in 
Avaya  ...)
@@ -58531,7 +58531,7 @@ CVE-2022-33104
 CVE-2022-33103 (Das U-Boot from v2020.10 to v2022.07-rc3 was discovered to 
contain an  ...)
        - u-boot 2022.07+dfsg-1 (bug #1014528)
        [bullseye] - u-boot <no-dsa> (Minor issue)
-       [buster] - u-boot <no-dsa> (Minor issue)
+       [buster] - u-boot <not-affected> (SquashFS support added in 2020.10)
        NOTE: 
https://lore.kernel.org/all/CALO=dhfb+yboxxvr5kcsk0ifdg+e7ywko4-e+72kjbcs8jb...@mail.gmail.com/
        NOTE: 
https://lore.kernel.org/all/[email protected]/
        NOTE: Fixed by: 
https://source.denx.de/u-boot/u-boot/-/commit/2ac0baab4aff1a0b45067d0b62f00c15f4e86856
 (v2022.07-rc5)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab774c7963426287083136ecfb23136257b5a973

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab774c7963426287083136ecfb23136257b5a973
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to