[Git][security-tracker-team/security-tracker][master] bullseye triage

Moritz Muehlenhoff (@jmm) Tue, 25 Oct 2022 03:34:09 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
9ce5b6e9 by Moritz Muehlenhoff at 2022-10-25T12:33:08+02:00
bullseye triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -5988,9 +5988,10 @@ CVE-2022-3297 (Use After Free in GitHub repository 
vim/vim prior to 9.0.0579. ..
        NOTE: 
https://github.com/vim/vim/commit/0ff01835a40f549c5c4a550502f62a2ac9ac447c 
(v9.0.0579)
        NOTE: Crash in CLI tool, no security impact
 CVE-2022-3296 (Stack-based Buffer Overflow in GitHub repository vim/vim prior 
to 9.0. ...)
-       - vim 2:9.0.0626-1
+       - vim 2:9.0.0626-1 (unimportant)
        NOTE: https://huntr.dev/bounties/958866b8-526a-4979-9471-39392e0c9077
        NOTE: 
https://github.com/vim/vim/commit/96b9bf8f74af8abf1e30054f996708db7dc285be 
(v9.0.0577)
+       NOTE: Crash in CLI tool, no security impact
 CVE-2022-3295 (Allocation of Resources Without Limits or Throttling in GitHub 
reposit ...)
        - rdiffweb <itp> (bug #969974)
 CVE-2022-3294
@@ -49437,6 +49438,7 @@ CVE-2022-0700 (The Simple Tracking WordPress plugin 
before 1.7 does not sanitise
        NOT-FOR-US: WordPress plugin
 CVE-2022-0699 (A double-free condition exists in contrib/shpsort.c of shapelib 
1.5.0  ...)
        - shapelib 1.5.0-3 (bug #1022557)
+       [bullseye] - shapelib <no-dsa> (Minor issue)
        NOTE: 
https://github.com/OSGeo/shapelib/commit/c75b9281a5b9452d92e1682bdfe6019a13ed819f
        NOTE: https://github.com/OSGeo/shapelib/issues/39
 CVE-2022-25597 (ASUS RT-AC86U&#8217;s LPD service has insufficient filtering 
for speci ...)


=====================================
data/dsa-needed.txt
=====================================
@@ -56,9 +56,13 @@ ruby-tzinfo
 --
 salt
 --
+samba
+--
 sofia-sip
   Maintainer proposed debdiff, though as rebuild of the testing version
 --
 sox
   patch needed for CVE-2021-40426, check with upstream
 --
+thunderbird (jmm)
+--



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ce5b6e9ab5505b40b5cc89387e82e44cd9f6e5a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ce5b6e9ab5505b40b5cc89387e82e44cd9f6e5a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] bullseye triage

Reply via email to