diff options
author | Moritz Mühlenhoff <jmm@debian.org> | 2022-03-24 19:37:51 +0100 |
---|---|---|
committer | Moritz Mühlenhoff <jmm@debian.org> | 2022-03-24 19:37:51 +0100 |
commit | 6a20dade7f5d96da0291abd28ce1fd3e7f76fc38 (patch) | |
tree | 941de7e0a89764ca322e50e246cf5548e0bc41e1 | |
parent | c463a84270ebf7e3d211b731ef2b04585bb5ce78 (diff) |
tiff DSA
-rw-r--r-- | data/CVE/list | 6 | ||||
-rw-r--r-- | data/DSA/list | 4 | ||||
-rw-r--r-- | data/dsa-needed.txt | 2 |
3 files changed, 4 insertions, 8 deletions
diff --git a/data/CVE/list b/data/CVE/list index f4ee4c5d95..11c043db3a 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -8217,15 +8217,11 @@ CVE-2022-0563 (A flaw was found in the util-linux chfn and chsh utilities when c CVE-2022-0562 (Null source pointer passed as an argument to memcpy() function within ...) {DLA-2932-1} - tiff 4.3.0-4 - [bullseye] - tiff <no-dsa> (Minor issue) - [buster] - tiff <no-dsa> (Minor issue) NOTE: https://gitlab.com/libtiff/libtiff/-/issues/362 NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b CVE-2022-0561 (Null source pointer passed as an argument to memcpy() function within ...) {DLA-2932-1} - tiff 4.3.0-4 - [bullseye] - tiff <no-dsa> (Minor issue) - [buster] - tiff <no-dsa> (Minor issue) NOTE: https://gitlab.com/libtiff/libtiff/-/issues/362 NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef CVE-2022-0560 (Open Redirect in Packagist microweber/microweber prior to 1.2.11. ...) @@ -14968,8 +14964,6 @@ CVE-2022-22845 (QXIP SIPCAPTURE homer-app before 1.4.28 for HOMER 7.x has the sa CVE-2022-22844 (LibTIFF 4.3.0 has an out-of-bounds read in _TIFFmemcpy in tif_unix.c i ...) {DLA-2932-1} - tiff 4.3.0-3 - [bullseye] - tiff <no-dsa> (Minor issue) - [buster] - tiff <no-dsa> (Minor issue) NOTE: https://gitlab.com/libtiff/libtiff/-/issues/355 NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/287 NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/-/commit/03047a26952a82daaa0792957ce211e0aa51bc64 diff --git a/data/DSA/list b/data/DSA/list index 783ae42bfa..2ce85d0f81 100644 --- a/data/DSA/list +++ b/data/DSA/list @@ -1,3 +1,7 @@ +[24 Mar 2022] DSA-5108-1 tiff - security update + {CVE-2022-0561 CVE-2022-0562 CVE-2022-0865 CVE-2022-0891 CVE-2022-0907 CVE-2022-0908 CVE-2022-0909 CVE-2022-0924 CVE-2022-22844} + [buster] - tiff 4.1.0+git191117-2~deb10u4 + [bullseye] - tiff 4.2.0-1+deb11u1 [24 Mar 2022] DSA-5107-1 php-twig - security update {CVE-2022-23614} [bullseye] - php-twig 2.14.3-1+deb11u1 diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt index e5cb174a3d..72840405ca 100644 --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -37,8 +37,6 @@ rpki-client/stable -- sox -- -tiff (jmm) --- trafficserver (jmm) wait until status for CVE-2021-38161 is clarified (upstream patch got reverted) -- |