Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
27b29c83 by Salvatore Bonaccorso at 2023-06-29T20:44:06+02:00
Reference specifically the commits for CVE-2022-43681, CVE-2022-40318 and
CVE-2022-40302
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -50548,10 +50548,7 @@ CVE-2022-43681 (An out-of-bounds read exists in the
BGP daemon of FRRouting FRR
[buster] - frr <no-dsa> (Minor issue)
NOTE: https://github.com/FRRouting/frr/issues/13427
NOTE: https://github.com/FRRouting/frr/issues/13480
- NOTE: Fixes for CVE-2022-43681/CVE-2022-40318/CVE-2022-40302:
- NOTE:
https://github.com/FRRouting/frr/commit/1117baca3c592877a4d8a13ed6a1d9bd83977487
(base_8.4)
- NOTE:
https://github.com/FRRouting/frr/commit/3e46b43e3788f0f87bae56a86b54d412b4710286
(base_8.4)
- NOTE:
https://github.com/FRRouting/frr/commit/766eec1b7accffe2c04a5c9ebb14e9f487bb9f78
(base_8.5)
+ NOTE:
https://github.com/FRRouting/frr/commit/6c4ca9812976596bf8b5226600269fc4031f1422
(frr-8.4)
CVE-2022-43680 (In libexpat through 2.4.9, there is a use-after free caused by
overeag ...)
{DSA-5266-1 DLA-3165-1}
- expat 2.5.0-1 (bug #1022743)
@@ -59829,10 +59826,7 @@ CVE-2022-40318 (An issue was discovered in bgpd in
FRRouting (FRR) through 8.4.
[buster] - frr <no-dsa> (Minor issue)
NOTE: https://github.com/FRRouting/frr/issues/13427
NOTE: https://github.com/FRRouting/frr/issues/13480
- NOTE: Fixes for CVE-2022-43681/CVE-2022-40318/CVE-2022-40302:
NOTE:
https://github.com/FRRouting/frr/commit/1117baca3c592877a4d8a13ed6a1d9bd83977487
(base_8.4)
- NOTE:
https://github.com/FRRouting/frr/commit/3e46b43e3788f0f87bae56a86b54d412b4710286
(base_8.4)
- NOTE:
https://github.com/FRRouting/frr/commit/766eec1b7accffe2c04a5c9ebb14e9f487bb9f78
(base_8.5)
CVE-2022-40317 (OpenKM 6.3.11 allows stored XSS related to the
javascript: subst ...)
NOT-FOR-US: OpenKM
CVE-2022-40316 (The H5P activity attempts report did not filter by groups,
which in se ...)
@@ -59899,10 +59893,7 @@ CVE-2022-40302 (An issue was discovered in bgpd in
FRRouting (FRR) through 8.4.
[buster] - frr <no-dsa> (Minor issue)
NOTE: https://github.com/FRRouting/frr/issues/13427
NOTE: https://github.com/FRRouting/frr/issues/13480
- NOTE: Fixes for CVE-2022-43681/CVE-2022-40318/CVE-2022-40302:
- NOTE:
https://github.com/FRRouting/frr/commit/1117baca3c592877a4d8a13ed6a1d9bd83977487
(base_8.4)
NOTE:
https://github.com/FRRouting/frr/commit/3e46b43e3788f0f87bae56a86b54d412b4710286
(base_8.4)
- NOTE:
https://github.com/FRRouting/frr/commit/766eec1b7accffe2c04a5c9ebb14e9f487bb9f78
(base_8.5)
CVE-2022-40301
RESERVED
CVE-2022-40300 (Zoho ManageEngine Password Manager Pro through 12120 before
12121, PAM ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27b29c83c00c9226f145cf7caf9df19cdcae3edc
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27b29c83c00c9226f145cf7caf9df19cdcae3edc
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
