diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2022-06-22 17:38:48 +0200 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2022-06-22 17:39:10 +0200 |
| commit | d8ea72580431ad11ebedf8fed518f493c1332f1f (patch) | |
| tree | 9463fa05e6e16ee87024e2b7a0eb3f323f361f30 | |
| parent | 5dc02de4f9a1e541c777b17674498a22227975e2 (diff) | |
buster/bullseye triage
| -rw-r--r-- | data/CVE/list | 12 | ||||
| -rw-r--r-- | data/dsa-needed.txt | 2 |
2 files changed, 9 insertions, 5 deletions
diff --git a/data/CVE/list b/data/CVE/list index 2bd6400799..f5922b6018 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -10537,9 +10537,13 @@ CVE-2022-1588 REJECTED CVE-2022-1587 (An out-of-bounds read vulnerability was discovered in the PCRE2 librar ...) - pcre2 10.40-1 (bug #1011954) + [bullseye] - pcre2 <no-dsa> (Minor issue) + [buster] - pcre2 <no-dsa> (Minor issue) NOTE: https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0 (pcre2-10.40) CVE-2022-1586 (An out-of-bounds read vulnerability was discovered in the PCRE2 librar ...) - pcre2 10.40-1 (bug #1011954) + [bullseye] - pcre2 <no-dsa> (Minor issue) + [buster] - pcre2 <no-dsa> (Minor issue) NOTE: https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a (pcre2-10.40) NOTE: https://github.com/PCRE2Project/pcre2/commit/d4fa336fbcc388f89095b184ba6d99422cfc676c (pcre2-10.40) CVE-2022-1585 @@ -12409,11 +12413,9 @@ CVE-2022-29624 (An arbitrary file upload vulnerability in the Add File function CVE-2022-29623 (An arbitrary file upload vulnerability in the file upload module of Co ...) NOT-FOR-US: expressjs/connect-multiparty CVE-2022-29622 (An arbitrary file upload vulnerability in formidable v3.1.4 allows att ...) - - node-formidable <unfixed> (bug #1011341) - [stretch] - node-formidable <end-of-life> (No longer supported in LTS) - NOTE: https://www.youtube.com/watch?v=C6QPKooxhAo - NOTE: https://github.com/vyas0189/CougarCS-Backend/issues/57 - NOTE: unclear if reported upstream + - node-formidable <unfixed> (unimportant; bug #1011341) + NOTE: https://github.com/node-formidable/formidable/issues/856 + NOTE: https://medium.com/@zsolt.imre/cve-2022-29622-in-vulnerability-analysis-5cf783c3721 CVE-2022-29621 RESERVED CVE-2022-29620 (** DISPUTED ** FileZilla v3.59.0 allows attackers to obtain cleartext ...) diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt index 01941335e0..ae403f7e50 100644 --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -45,6 +45,8 @@ netatalk -- nodejs (jmm) -- +php-horde-mime-viewer +-- php-horde-turba -- puma/oldstable |