Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b2e0d5dc by Salvatore Bonaccorso at 2023-08-23T21:56:22+02:00
Add CVE-2022-48522/perl
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -182,7 +182,12 @@ CVE-2022-48538 (In Cacti 1.2.19, there is an
authentication bypass in the web lo
NOTE: Fixed by:
https://github.com/Cacti/cacti/commit/9b53889c340031be67b62006a516e847b3793dcb
(release/1.2.23)
NOTE: Only an issue when running with PHP8.2.
CVE-2022-48522 (In Perl 5.34.0, function S_find_uninit_var in sv.c has a
stack-based c ...)
- TODO: check
+ - perl 5.36.0-4 (unimportant)
+ NOTE: Might be related to
https://bugs.launchpad.net/ubuntu/+source/perl/+bug/2032667
+ NOTE: which is just a infinite recursion exhausting the stack, with
negligible security
+ NOTE: impact.
+ NOTE: https://github.com/Perl/perl5/issues/19147
+ NOTE: Fixed by:
https://github.com/Perl/perl5/commit/23cca2d1f4544cb47f1124d98c308ce1f31f09a6
(v5.35.5)
CVE-2023-XXXX [RUSTSEC-2023-0053: rustls-webpki: CPU denial of service in
certificate path building]
- rust-rustls-webpki <unfixed> (bug #1050298)
NOTE: https://rustsec.org/advisories/RUSTSEC-2023-0053.html
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b2e0d5dc207c0e881cc0e9f7ae399cd981810d23
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b2e0d5dc207c0e881cc0e9f7ae399cd981810d23
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
