Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6a191a12 by Thorsten Alteholz at 2022-06-05T00:41:24+02:00
mark CVE-2022-31001, CVE-2022-31002 and CVE-2022-31003 as postponed for Stretch
- - - - -
e460a70e by Thorsten Alteholz at 2022-06-05T00:44:25+02:00
mark CVEs of swdtools as no-dsa
- - - - -
be7d2238 by Thorsten Alteholz at 2022-06-05T00:50:04+02:00
add librecad
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -3436,14 +3436,17 @@ CVE-2022-31004 (CVEProject/cve-services is an open
source project used to operat
NOT-FOR-US: CVEProject/cve-services
CVE-2022-31003 (Sofia-SIP is an open-source Session Initiation Protocol (SIP)
User-Age ...)
- sofia-sip <unfixed>
+ [stretch] - sofia-sip <postponed> (Minor issue)
NOTE:
https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-8w5j-6g2j-pxcp
NOTE:
https://github.com/freeswitch/sofia-sip/commit/907f2ac0ee504c93ebfefd676b4632a3575908c9
(v1.13.8)
CVE-2022-31002 (Sofia-SIP is an open-source Session Initiation Protocol (SIP)
User-Age ...)
- sofia-sip <unfixed>
+ [stretch] - sofia-sip <postponed> (Minor issue)
NOTE:
https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-g3x6-p824-x6hm
NOTE:
https://github.com/freeswitch/sofia-sip/commit/51841eb53679434a386fb2dcbca925dcc48d58ba
(v1.13.8)
CVE-2022-31001 (Sofia-SIP is an open-source Session Initiation Protocol (SIP)
User-Age ...)
- sofia-sip <unfixed>
+ [stretch] - sofia-sip <postponed> (Minor issue)
NOTE:
https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-79jq-hh82-cv9g
NOTE:
https://github.com/freeswitch/sofia-sip/commit/a99804b336d0e16d26ab7119d56184d2d7110a36
(v1.13.8)
CVE-2022-31000 (solidus_backend is the admin interface for the Solidus
e-commerce fram ...)
@@ -45889,33 +45892,43 @@ CVE-2021-42205
RESERVED
CVE-2021-42204 (An issue was discovered in swftools through 20201222. A
heap-buffer-ov ...)
- swftools <removed>
+ [stretch] - swftools <no-dsa> (Minor issue)
NOTE: https://github.com/matthiaskramm/swftools/issues/169
CVE-2021-42203 (An issue was discovered in swftools through 20201222. A
heap-use-after ...)
- swftools <removed>
+ [stretch] - swftools <no-dsa> (Minor issue)
NOTE: https://github.com/matthiaskramm/swftools/issues/176
CVE-2021-42202 (An issue was discovered in swftools through 20201222. A NULL
pointer d ...)
- swftools <removed>
+ [stretch] - swftools <no-dsa> (Minor issue)
NOTE: https://github.com/matthiaskramm/swftools/issues/171
CVE-2021-42201 (An issue was discovered in swftools through 20201222. A
heap-buffer-ov ...)
- swftools <removed>
+ [stretch] - swftools <no-dsa> (Minor issue)
NOTE: https://github.com/matthiaskramm/swftools/issues/175
CVE-2021-42200 (An issue was discovered in swftools through 20201222. A NULL
pointer d ...)
- swftools <removed>
+ [stretch] - swftools <no-dsa> (Minor issue)
NOTE: https://github.com/matthiaskramm/swftools/issues/170
CVE-2021-42199 (An issue was discovered in swftools through 20201222. A heap
buffer ov ...)
- swftools <removed>
+ [stretch] - swftools <no-dsa> (Minor issue)
NOTE: https://github.com/matthiaskramm/swftools/issues/173
CVE-2021-42198 (An issue was discovered in swftools through 20201222. A NULL
pointer d ...)
- swftools <removed>
+ [stretch] - swftools <no-dsa> (Minor issue)
NOTE: https://github.com/matthiaskramm/swftools/issues/168
CVE-2021-42197 (An issue was discovered in swftools through 20201222 through a
memory ...)
- swftools <removed>
+ [stretch] - swftools <no-dsa> (Minor issue)
NOTE: https://github.com/matthiaskramm/swftools/issues/177
CVE-2021-42196 (An issue was discovered in swftools through 20201222. A NULL
pointer d ...)
- swftools <removed>
+ [stretch] - swftools <no-dsa> (Minor issue)
NOTE: https://github.com/matthiaskramm/swftools/issues/172
CVE-2021-42195 (An issue was discovered in swftools through 20201222. A
heap-buffer-ov ...)
- swftools <removed>
+ [stretch] - swftools <no-dsa> (Minor issue)
NOTE: https://github.com/matthiaskramm/swftools/issues/174
CVE-2021-42194 (The wechat_return function in /controller/Index.php of EyouCms
V1.5.4- ...)
NOT-FOR-US: Eyoucms
=====================================
data/dla-needed.txt
=====================================
@@ -138,6 +138,9 @@ liblouis (Andreas Rönnquist)
NOTE: 20220503: CVE-2022-26981 patch applied in salsa lts-team repo,
NOTE: 20220503: Patch not applied upstream yet.
--
+librecad
+ NOTE: 20220605: Programming language: C++.
+--
libmatio (Abhijith PA)
NOTE: 20220529: Programming language: C.
NOTE: 20220528: lots of postponed minor vulnerabilities, no past stretch
security upload, supported package (Beuc/front-desk)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/37d8581cb8a79e74202e5a5a1b00f9aff824735d...be7d2238822f4f916f5fc95da674897b4439eccc
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/37d8581cb8a79e74202e5a5a1b00f9aff824735d...be7d2238822f4f916f5fc95da674897b4439eccc
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
