bullseye/buster triage

1 files changed, 21 insertions, 5 deletions

diff --git a/data/CVE/list b/data/CVE/list
index afb4dbd294..0c722ffca2 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1062,7 +1062,9 @@ CVE-2022-33904
 CVE-2022-33903
 	RESERVED
 	- tor 0.4.7.8-1
-	[stretch] - tor <end-of-life> (Not supported in LTS)
+	[bullseye] - tor <not-affected> (Only affects 0.4.7.x)
+	[buster] - tor <not-affected> (Only affects 0.4.7.x)
+	[stretch] - tor <not-affected> (Only affects 0.4.7.x)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2099227
 	NOTE: https://gitlab.torproject.org/tpo/core/tor/-/issues/40626
 	NOTE: https://lists.torproject.org/pipermail/tor-announce/2022-June/000242.html
@@ -14900,18 +14902,26 @@ CVE-2022-28737
 CVE-2022-28736
 	RESERVED
 	- grub2 2.06-3
+	[bullseye] - grub2 <no-dsa> (Minor issue, fix via point release)
+	[buster] - grub2 <no-dsa> (Minor issue, fix via point release)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/06/07/5
 CVE-2022-28735
 	RESERVED
 	- grub2 2.06-3 (bug #1001057)
+	[bullseye] - grub2 <no-dsa> (Minor issue, fix via point release)
+	[buster] - grub2 <no-dsa> (Minor issue, fix via point release)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/06/07/5
 CVE-2022-28734
 	RESERVED
 	- grub2 2.06-3
+	[bullseye] - grub2 <no-dsa> (Minor issue, fix via point release)
+	[buster] - grub2 <no-dsa> (Minor issue, fix via point release)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/06/07/5
 CVE-2022-28733
 	RESERVED
 	- grub2 2.06-3
+	[bullseye] - grub2 <no-dsa> (Minor issue, fix via point release)
+	[buster] - grub2 <no-dsa> (Minor issue, fix via point release)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/06/07/5
 CVE-2022-28732
 	RESERVED
@@ -50903,11 +50913,10 @@ CVE-2021-42220 (A Cross Site Scripting (XSS) vulnerability exists in Dolibarr be
 CVE-2021-42219 (Go-Ethereum v1.10.9 was discovered to contain an issue which allows at ...)
 	- golang-github-go-ethereum <itp> (bug #890541)
 CVE-2021-42218 (OMPL v1.5.2 contains a memory leak in VFRRT.cpp ...)
-	- ompl <unfixed>
-	[bullseye] - ompl <no-dsa> (Minor issue)
-	[stretch] - ompl <not-affected> (VFRRT introduced in v1.2)
+	- ompl <unfixed> (unimportant)
 	NOTE: https://github.com/ompl/ompl/issues/839
 	NOTE: https://github.com/ompl/ompl/commit/abb4fadcb4e4fe4c9cf41e5e7706143a66948eb7
+	NOTE: Negligible security impact
 CVE-2021-42217
 	RESERVED
 CVE-2021-42216 (A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via ...)
@@ -52785,8 +52794,9 @@ CVE-2021-41492 (Multiple SQL Injection vulnerabilities exist in Sourcecodester S
 CVE-2021-41491
 	RESERVED
 CVE-2021-41490 (Memory leaks in LazyPRM.cpp of OMPL v1.5.0 can cause unexpected behavi ...)
-	- ompl <unfixed>
+	- ompl <unfixed> (unimportant)
 	NOTE: https://github.com/ompl/ompl/issues/833
+	NOTE: Negligible security impact
 CVE-2021-41489
 	RESERVED
 CVE-2021-41488
@@ -60600,14 +60610,20 @@ CVE-2021-3698 (A flaw was found in Cockpit in versions prior to 260 in the way i
 CVE-2021-3697
 	RESERVED
 	- grub2 2.06-3
+	[bullseye] - grub2 <no-dsa> (Minor issue, fix via point release)
+	[buster] - grub2 <no-dsa> (Minor issue, fix via point release)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/06/07/5
 CVE-2021-3696
 	RESERVED
 	- grub2 2.06-3
+	[bullseye] - grub2 <no-dsa> (Minor issue, fix via point release)
+	[buster] - grub2 <no-dsa> (Minor issue, fix via point release)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/06/07/5
 CVE-2021-3695
 	RESERVED
 	- grub2 2.06-3
+	[bullseye] - grub2 <no-dsa> (Minor issue, fix via point release)
+	[buster] - grub2 <no-dsa> (Minor issue, fix via point release)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/06/07/5
 CVE-2021-40084 (opensysusers through 0.6 does not safely use eval on files in sysusers ...)
 	- opensysusers 0.6-3 (bug #992058)