Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
dfa4cb24 by Salvatore Bonaccorso at 2024-10-19T19:31:38+02:00
Clarify followup for CVE-2022-26874
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -210322,8 +210322,8 @@ CVE-2022-26874 (lib/Horde/Mime/Viewer/Ooo.php in
Horde Mime_Viewer before 2.2.4
- php-horde-mime-viewer 2.2.4+debian0-1
NOTE:
https://blog.sonarsource.com/horde-webmail-account-takeover-via-email/
NOTE: Introduced by:
https://github.com/horde/Mime_Viewer/commit/325a7ae2663dd9c50e85fe515033454669f16f28
- NOTE: Fixed by:
https://github.com/horde/Mime_Viewer/commit/86f4f265adc45c39f891dea4ba5f22fb2a338618
(2.2.3, partially fixed only.)
- NOTE: Fixed by:
https://github.com/horde/Mime_Viewer/commit/02b46cec1a7e8f1a6835b628850cd56b85963bb5
(2.2.4)
+ NOTE: Fixed by:
https://github.com/horde/Mime_Viewer/commit/86f4f265adc45c39f891dea4ba5f22fb2a338618
(2.2.3)
+ NOTE: Followup:
https://github.com/horde/Mime_Viewer/commit/02b46cec1a7e8f1a6835b628850cd56b85963bb5
(2.2.4)
CVE-2022-25762 (If a web application sends a WebSocket message concurrently
with the W ...)
- tomcat9 9.0.22-1
- tomcat8 <removed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dfa4cb24b7c39e7052f06fbfb55b7c698458ae9c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dfa4cb24b7c39e7052f06fbfb55b7c698458ae9c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
