Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fe981b1a by Salvatore Bonaccorso at 2023-05-13T11:37:11+02:00
Add libusrsctp for CVE-2022-46871
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -33290,12 +33290,15 @@ CVE-2022-46872 (An attacker who compromised a content
process could have partial
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-53/#CVE-2022-46872
CVE-2022-46871 (An out of date library (libusrsctp) contained vulnerabilities
that cou ...)
{DSA-5355-1 DSA-5322-1 DLA-3324-1 DLA-3275-1}
+ - libusrsctp 0.9.3.0+20201007-1
- firefox 108.0-1
- firefox-esr 102.7.0esr-1
- thunderbird 1:102.7.1-1
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-51/#CVE-2022-46871
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-02/#CVE-2022-46871
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2023-03/#CVE-2022-46871
+ NOTE: https://bugs.launchpad.net/ubuntu/+source/libusrsctp/+bug/2015448
+ NOTE:
https://github.com/sctplab/usrsctp/commit/939d48f9632d69bf170c7a84514b312b6b42257d
(0.9.4.0)
CVE-2022-46870 (An Improper Neutralization of Input During Web Page Generation
('Cross ...)
NOT-FOR-US: Apache Zeppelin
CVE-2022-46869
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fe981b1a5f8c0e39532b17cf3a366658559c3a5d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fe981b1a5f8c0e39532b17cf3a366658559c3a5d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
