Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits: 6a191a12 by Thorsten Alteholz at 2022-06-05T00:41:24+02:00 mark CVE-2022-31001, CVE-2022-31002 and CVE-2022-31003 as postponed for Stretch - - - - - e460a70e by Thorsten Alteholz at 2022-06-05T00:44:25+02:00 mark CVEs of swdtools as no-dsa - - - - - be7d2238 by Thorsten Alteholz at 2022-06-05T00:50:04+02:00 add librecad - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -3436,14 +3436,17 @@ CVE-2022-31004 (CVEProject/cve-services is an open source project used to operat NOT-FOR-US: CVEProject/cve-services CVE-2022-31003 (Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Age ...) - sofia-sip <unfixed> + [stretch] - sofia-sip <postponed> (Minor issue) NOTE: https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8w5j-6g2j-pxcp NOTE: https://github.com/freeswitch/sofia-sip/commit/907f2ac0ee504c93ebfefd676b4632a3575908c9 (v1.13.8) CVE-2022-31002 (Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Age ...) - sofia-sip <unfixed> + [stretch] - sofia-sip <postponed> (Minor issue) NOTE: https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-g3x6-p824-x6hm NOTE: https://github.com/freeswitch/sofia-sip/commit/51841eb53679434a386fb2dcbca925dcc48d58ba (v1.13.8) CVE-2022-31001 (Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Age ...) - sofia-sip <unfixed> + [stretch] - sofia-sip <postponed> (Minor issue) NOTE: https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-79jq-hh82-cv9g NOTE: https://github.com/freeswitch/sofia-sip/commit/a99804b336d0e16d26ab7119d56184d2d7110a36 (v1.13.8) CVE-2022-31000 (solidus_backend is the admin interface for the Solidus e-commerce fram ...) @@ -45889,33 +45892,43 @@ CVE-2021-42205 RESERVED CVE-2021-42204 (An issue was discovered in swftools through 20201222. A heap-buffer-ov ...) - swftools <removed> + [stretch] - swftools <no-dsa> (Minor issue) NOTE: https://github.com/matthiaskramm/swftools/issues/169 CVE-2021-42203 (An issue was discovered in swftools through 20201222. A heap-use-after ...) - swftools <removed> + [stretch] - swftools <no-dsa> (Minor issue) NOTE: https://github.com/matthiaskramm/swftools/issues/176 CVE-2021-42202 (An issue was discovered in swftools through 20201222. A NULL pointer d ...) - swftools <removed> + [stretch] - swftools <no-dsa> (Minor issue) NOTE: https://github.com/matthiaskramm/swftools/issues/171 CVE-2021-42201 (An issue was discovered in swftools through 20201222. A heap-buffer-ov ...) - swftools <removed> + [stretch] - swftools <no-dsa> (Minor issue) NOTE: https://github.com/matthiaskramm/swftools/issues/175 CVE-2021-42200 (An issue was discovered in swftools through 20201222. A NULL pointer d ...) - swftools <removed> + [stretch] - swftools <no-dsa> (Minor issue) NOTE: https://github.com/matthiaskramm/swftools/issues/170 CVE-2021-42199 (An issue was discovered in swftools through 20201222. A heap buffer ov ...) - swftools <removed> + [stretch] - swftools <no-dsa> (Minor issue) NOTE: https://github.com/matthiaskramm/swftools/issues/173 CVE-2021-42198 (An issue was discovered in swftools through 20201222. A NULL pointer d ...) - swftools <removed> + [stretch] - swftools <no-dsa> (Minor issue) NOTE: https://github.com/matthiaskramm/swftools/issues/168 CVE-2021-42197 (An issue was discovered in swftools through 20201222 through a memory ...) - swftools <removed> + [stretch] - swftools <no-dsa> (Minor issue) NOTE: https://github.com/matthiaskramm/swftools/issues/177 CVE-2021-42196 (An issue was discovered in swftools through 20201222. A NULL pointer d ...) - swftools <removed> + [stretch] - swftools <no-dsa> (Minor issue) NOTE: https://github.com/matthiaskramm/swftools/issues/172 CVE-2021-42195 (An issue was discovered in swftools through 20201222. A heap-buffer-ov ...) - swftools <removed> + [stretch] - swftools <no-dsa> (Minor issue) NOTE: https://github.com/matthiaskramm/swftools/issues/174 CVE-2021-42194 (The wechat_return function in /controller/Index.php of EyouCms V1.5.4- ...) NOT-FOR-US: Eyoucms ===================================== data/dla-needed.txt ===================================== @@ -138,6 +138,9 @@ liblouis (Andreas Rönnquist) NOTE: 20220503: CVE-2022-26981 patch applied in salsa lts-team repo, NOTE: 20220503: Patch not applied upstream yet. -- +librecad + NOTE: 20220605: Programming language: C++. +-- libmatio (Abhijith PA) NOTE: 20220529: Programming language: C. NOTE: 20220528: lots of postponed minor vulnerabilities, no past stretch security upload, supported package (Beuc/front-desk) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/37d8581cb8a79e74202e5a5a1b00f9aff824735d...be7d2238822f4f916f5fc95da674897b4439eccc -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/37d8581cb8a79e74202e5a5a1b00f9aff824735d...be7d2238822f4f916f5fc95da674897b4439eccc You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits