[Git][security-tracker-team/security-tracker][master] 2 commits: Adjust upstream commit reference according to pull request and commit for netatalk

Mon, 10 Apr 2023 06:16:19 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
875ef7ef by Salvatore Bonaccorso at 2023-04-10T15:14:31+02:00
Adjust upstream commit reference according to pull request and commit for 
netatalk

- - - - -
903f9de3 by Salvatore Bonaccorso at 2023-04-10T15:15:35+02:00
Add commit reference for CVE-2022-45188

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -34330,6 +34330,7 @@ CVE-2022-45189
 CVE-2022-45188 (Netatalk through 3.1.13 has an afp_getappl heap-based buffer 
overflow  ...)
        - netatalk <unfixed> (bug #1024021)
        NOTE: https://rushbnt.github.io/bug%20analysis/netatalk-0day/
+       NOTE: 
https://github.com/Netatalk/netatalk/commit/dfab56846e8f454fe0548347ae6437bd12a05925
 CVE-2022-45187
        RESERVED
 CVE-2022-45186
@@ -41221,7 +41222,7 @@ CVE-2022-43634 (This vulnerability allows remote 
attackers to execute arbitrary
        NOTE: https://github.com/Netatalk/Netatalk/pull/186
        NOTE: https://github.com/advisories/GHSA-fwj9-7qq8-jc93
        NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-094/
-       NOTE: 
https://github.com/Netatalk/netatalk/commit/dfab56846e8f454fe0548347ae6437bd12a05925
+       NOTE: 
https://github.com/Netatalk/netatalk/commit/5fcb4ab02aced14484310165b3d754bb2f0820ca
 CVE-2022-43633 (This vulnerability allows network-adjacent attackers to 
execute arbitr ...)
        NOT-FOR-US: D-Link
 CVE-2022-43632 (This vulnerability allows network-adjacent attackers to 
execute arbitr ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/fd7db7e9e0ecf67ca5b9e9dda81ed36f7866a059...903f9de3478c42f69db04cdb2f3295acc6307428

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/fd7db7e9e0ecf67ca5b9e9dda81ed36f7866a059...903f9de3478c42f69db04cdb2f3295acc6307428
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to