[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-2330{2,5,7}, #1004482

Fri, 28 Jan 2022 11:40:05 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
eb649ba5 by Salvatore Bonaccorso at 2022-01-28T20:39:22+01:00
Add Debian bug reference for CVE-2022-2330{2,5,7}, #1004482

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2810,12 +2810,12 @@ CVE-2022-0266 (Authorization Bypass Through 
User-Controlled Key in Packagist rem
 CVE-2022-0265
        RESERVED
 CVE-2022-23307 (CVE-2020-9493 identified a deserialization issue that was 
present in A ...)
-       - apache-log4j1.2 <unfixed>
+       - apache-log4j1.2 <unfixed> (bug #1004482)
        NOTE: https://www.openwall.com/lists/oss-security/2022/01/18/5
 CVE-2022-23306
        RESERVED
 CVE-2022-23305 (By design, the JDBCAppender in Log4j 1.2.x accepts an SQL 
statement as ...)
-       - apache-log4j1.2 <unfixed>
+       - apache-log4j1.2 <unfixed> (bug #1004482)
        NOTE: https://www.openwall.com/lists/oss-security/2022/01/18/4
 CVE-2022-0263 (Unrestricted Upload of File with Dangerous Type in Packagist 
pimcore/p ...)
        NOT-FOR-US: pimcore
@@ -2878,7 +2878,7 @@ CVE-2022-0244 (An issue has been discovered in GitLab 
CE/EE affecting all versio
 CVE-2022-0243 (Cross-site Scripting (XSS) - Stored in NuGet 
OrchardCore.Application.C ...)
        NOT-FOR-US: Orchard CMS
 CVE-2022-23302 (JMSSink in all versions of Log4j 1.x is vulnerable to 
deserialization  ...)
-       - apache-log4j1.2 <unfixed>
+       - apache-log4j1.2 <unfixed> (bug #1004482)
        NOTE: https://www.openwall.com/lists/oss-security/2022/01/18/3
 CVE-2022-22142
        RESERVED



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eb649ba5f82755330ad27d50eda6da715b63b53d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eb649ba5f82755330ad27d50eda6da715b63b53d
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to