[Git][security-tracker-team/security-tracker][master] Reference two upstream commit for CVE-2022-25761 and CVE-2020-36429

Sun, 16 Mar 2025 08:00:10 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3a6e3568 by Salvatore Bonaccorso at 2025-03-16T15:59:11+01:00
Reference two upstream commit for CVE-2022-25761 and CVE-2020-36429

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -256683,6 +256683,7 @@ CVE-2022-25764
        RESERVED
 CVE-2022-25761 (The package open62541/open62541 before 1.2.5, from 1.3-rc1 and 
before  ...)
        - open62541 <not-affected> (Fixed before initial upload to the archive)
+       NOTE: Fixed by: 
https://github.com/open62541/open62541/commit/b79db1ac78146fc06b0b8435773d3967de2d659c
 (v1.2.5)
 CVE-2022-25760 (All versions of package accesslog are vulnerable to Arbitrary 
Code Inj ...)
        NOT-FOR-US: accesslog Nodejs module
 CVE-2022-25759 (The package convert-svg-core before 0.6.2 are vulnerable to 
Remote Cod ...)
@@ -299014,6 +299015,7 @@ CVE-2020-36430 (libass 0.15.x before 0.15.1 has a 
heap-based buffer overflow in
        NOTE: Fixed by: 
https://github.com/libass/libass/commit/017137471d0043e0321e377ed8da48e45a3ec632
 (0.15.1)
 CVE-2020-36429 (Variant_encodeJson in open62541 1.x before 1.0.4 has an 
out-of-bounds  ...)
        - open62541 <not-affected> (Fixed before initial upload to the archive)
+       NOTE: Fixed by: 
https://github.com/open62541/open62541/commit/c800e2987b10bb3af6ef644b515b5d6392f8861d
 (v1.0.4)
 CVE-2020-36428 (matio (aka MAT File I/O Library) 1.5.18 through 1.5.21 has a 
heap-base ...)
        - libmatio 1.5.22-1 (bug #991370)
        [bullseye] - libmatio <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3a6e356871d921593d9f7d5dd97875c7bdcd0ff6

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3a6e356871d921593d9f7d5dd97875c7bdcd0ff6
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to