[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2022-50798/sox: bullseye postponed

Sat, 03 Jan 2026 03:02:45 -0800 


Sylvain Beucler pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e97c147a by Sylvain Beucler at 2026-01-03T11:53:28+01:00
CVE-2022-50798/sox: bullseye postponed

- - - - -
a85abd2f by Sylvain Beucler at 2026-01-03T12:02:23+01:00
dla: add curl

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -2126,6 +2126,7 @@ CVE-2022-50798 (SoX 14.4.2 contains a division by zero 
vulnerability when handli
        - sox <unfixed>
        [trixie] - sox <no-dsa> (Minor issue)
        [bookworm] - sox <no-dsa> (Minor issue)
+       [bullseye] - sox <postponed> (Minor issue, DoS)
        NOTE: https://www.exploit-db.com/exploits/51034
        NOTE: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5712.php
 CVE-2022-50796 (SOUND4 IMPACT/FIRST/PULSE/Eco <=2.x contains an 
unauthenticated remote ...)


=====================================
data/dla-needed.txt
=====================================
@@ -73,6 +73,14 @@ ckeditor
 containerd
   NOTE: 20251113: Added by Front-Desk (ta)
 --
+curl
+  NOTE: 20260103: Added by Front-Desk (Beuc)
+  NOTE: 20260103: @puer-robustus prepared a patch for bullseye:
+  NOTE: 20260103: https://salsa.debian.org/debian/curl/-/merge_requests/57
+  NOTE: 20260103: There's also an OSPU:
+  NOTE: 20260103: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1124568
+  NOTE: 20260103: Please coordinate with him to upload to LTS (Beuc/front-desk)
+--
 dcmtk (Markus Koschany)
   NOTE: 20251229: Added by Front-Desk (apo)
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8022b65ca8d55dcc1abf25e13a775a1bf28f84e9...a85abd2f71636797fd893d4b2dcfe8758b75e532

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8022b65ca8d55dcc1abf25e13a775a1bf28f84e9...a85abd2f71636797fd893d4b2dcfe8758b75e532
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to