Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6b2ad6fb by Moritz Mühlenhoff at 2023-04-25T21:02:32+02:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -58193,7 +58193,7 @@ CVE-2022-37408
CVE-2022-37343
RESERVED
CVE-2022-36788 (A heap-based buffer overflow vulnerability exists in the
TriangleMesh ...)
- - slic3r <unfixed>
+ - slic3r <unfixed> (bug #1034848)
[buster] - slic3r <no-dsa> (Minor issue)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1593
CVE-2022-36420
@@ -116436,17 +116436,17 @@ CVE-2021-43520
CVE-2021-43519 (Stack overflow in lua_resume of ldo.c in Lua Interpreter
5.1.0~5.4.4 a ...)
- lua5.4 5.4.4-1 (bug #1000228)
[bullseye] - lua5.4 <no-dsa> (Minor issue)
- - lua5.3 <unfixed>
+ - lua5.3 <unfixed> (bug #1034847)
[bookworm] - lua5.3 <ignored> (Minor issue)
[bullseye] - lua5.3 <ignored> (Minor issue)
[buster] - lua5.3 <no-dsa> (Minor issue)
[stretch] - lua5.3 <no-dsa> (Minor issue)
- - lua5.2 <unfixed>
+ - lua5.2 <unfixed> (bug #1034846)
[bookworm] - lua5.2 <ignored> (Minor issue)
[bullseye] - lua5.2 <ignored> (Minor issue)
[buster] - lua5.2 <no-dsa> (Minor issue)
[stretch] - lua5.2 <no-dsa> (Minor issue)
- - lua5.1 <unfixed>
+ - lua5.1 <unfixed> (bug #1034845)
[bookworm] - lua5.1 <ignored> (Minor issue)
[bullseye] - lua5.1 <ignored> (Minor issue)
[buster] - lua5.1 <no-dsa> (Minor issue)
@@ -121133,10 +121133,10 @@ CVE-2021-42522 (There is a Information Disclosure
vulnerability in anjuta/plugin
CVE-2021-42521 (There is a NULL pointer dereference vulnerability in VTK
before 9.2.5, ...)
- vtk9 <unfixed> (bug #1031877)
[bullseye] - vtk9 <no-dsa> (Minor issue)
- - vtk7 <unfixed>
+ - vtk7 <unfixed> (bug #1034844)
[bullseye] - vtk7 <no-dsa> (Minor issue)
[buster] - vtk7 <no-dsa> (Minor issue)
- - vtk6 <unfixed>
+ - vtk6 <unfixed> (bug #1034843)
[bullseye] - vtk6 <no-dsa> (Minor issue)
[buster] - vtk6 <no-dsa> (Minor issue)
NOTE: https://gitlab.kitware.com/vtk/vtk/-/issues/17818
@@ -123182,7 +123182,7 @@ CVE-2021-41805 (HashiCorp Consul Enterprise before
1.8.17, 1.9.x before 1.9.11,
CVE-2021-41804
RESERVED
CVE-2021-41803 (HashiCorp Consul 1.8.1 up to 1.11.8, 1.12.4, and 1.13.1 do not
properl ...)
- - consul <unfixed>
+ - consul <unfixed> (bug #1034841)
NOTE:
https://discuss.hashicorp.com/t/hcsec-2022-19-consul-auto-config-jwt-authorization-missing-input-validation/44627
CVE-2021-41802 (HashiCorp Vault and Vault Enterprise through 1.7.4 and 1.8.3
allowed a ...)
NOT-FOR-US: HashiCorp Vault
@@ -157891,7 +157891,7 @@ CVE-2021-28237 (LibreDWG v0.12.3 was discovered to
contain a heap-buffer overflo
CVE-2021-28236 (LibreDWG v0.12.3 was discovered to contain a NULL pointer
dereference ...)
- libredwg <itp> (bug #595191)
CVE-2021-28235 (Authentication vulnerability found in Etcd-io v.3.4.10 allows
remote a ...)
- - etcd <unfixed>
+ - etcd <unfixed> (bug #1034840)
[buster] - etcd <no-dsa> (Minor issue; only when debug is enabled)
NOTE: https://github.com/etcd-io/etcd/pull/15648
NOTE: https://github.com/etcd-io/etcd/pull/15655
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6b2ad6fb4bd18c40a906deacebcfbb41dfb10b5d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6b2ad6fb4bd18c40a906deacebcfbb41dfb10b5d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
