Bastien Roucariès pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
804061b6 by Bastien Roucariès at 2024-07-23T16:25:01+00:00
CVE-2022-39369
oscinventory-server embded (vendor) a vulnerable version.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -150685,9 +150685,11 @@ CVE-2022-39370 (GLPI stands for Gestionnaire Libre
de Parc Informatique. GLPI is
CVE-2022-39369 (phpCAS is an authentication library that allows PHP
applications to ea ...)
{DLA-3485-1}
- php-cas 1.6.0-1 (bug #1023571)
+ - ocsinventory-server 2.8.1+dfsg1+~2.11.1-1
[bullseye] - php-cas <no-dsa> (Will be fixed via a point release)
NOTE:
https://github.com/apereo/phpCAS/security/advisories/GHSA-8q72-6qq8-xv64
NOTE: Fixed by:
https://github.com/apereo/phpCAS/commit/b759361d904a2cb2a3bcee9411fc348cfde5d163
(1.6.0)
+ NOTE: oscinventory-server under bullseye include vendored copy
CVE-2022-39368 (Eclipse Californium is a Java implementation of RFC7252 -
Constrained ...)
NOT-FOR-US: Eclipse Californium
CVE-2022-39367 (QTIWorks is a software suite for standards-based assessment
delivery. ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/804061b6e2de37d3fe6b54dbae31ab8dbcd71b23
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/804061b6e2de37d3fe6b54dbae31ab8dbcd71b23
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
