diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2022-05-13 13:06:06 +0200 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2022-05-13 14:03:31 +0200 |
commit | da3ade15d88acdb6d41bcf13653cf34c13ccbfe6 (patch) | |
tree | 05ab9aa608206f67100e41cb3047f0a3751476c6 | |
parent | 35d489b8df30e1f44a87f276869c8088a4a43e3f (diff) |
buster/bullseye triage
-rw-r--r-- | data/CVE/list | 4 | ||||
-rw-r--r-- | data/dsa-needed.txt | 5 |
2 files changed, 8 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list index f4984014e3..cd8d914b7a 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -958,10 +958,14 @@ CVE-2022-26041 RESERVED CVE-2022-1623 (LibTIFF master branch has an out-of-bounds read in LZWDecode in libtif ...) - tiff <unfixed> + [bullseye] - tiff <no-dsa> (Minor issue) + [buster] - tiff <no-dsa> (Minor issue) NOTE: https://gitlab.com/libtiff/libtiff/-/commit/b4e79bfa0c7d2d08f6f1e7ec38143fc8cb11394a NOTE: https://gitlab.com/libtiff/libtiff/-/issues/410 CVE-2022-1622 (LibTIFF master branch has an out-of-bounds read in LZWDecode in libtif ...) - tiff <unfixed> + [bullseye] - tiff <no-dsa> (Minor issue) + [buster] - tiff <no-dsa> (Minor issue) NOTE: https://gitlab.com/libtiff/libtiff/-/commit/b4e79bfa0c7d2d08f6f1e7ec38143fc8cb11394a NOTE: https://gitlab.com/libtiff/libtiff/-/issues/410 CVE-2022-1621 (Heap buffer overflow in vim_strncpy find_word in GitHub repository vim ...) diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt index 82a5e6f6d8..f1d9d5991b 100644 --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -56,7 +56,10 @@ trafficserver (jmm) wait until status for CVE-2021-38161 is clarified (upstream patch got reverted) -- unzip - no details public yet + unclear information, initial report indicates writable memory corruption, but + some identified patch is just for a NULL deref, needs more clarification +-- +waitress (jmm) -- wordpress -- |