From 12210128324d72e67d4ade82c87af775c5b5fd08 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Thu, 22 Sep 2022 22:47:34 +0200 Subject: Process several texlive-bin CVEs related to OTFCC --- data/CVE/list | 90 +++++++++++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 72 insertions(+), 18 deletions(-) (limited to 'data/CVE/list') diff --git a/data/CVE/list b/data/CVE/list index 40aeb43661..7915861299 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -16030,43 +16030,97 @@ CVE-2022-35041 CVE-2022-35040 RESERVED CVE-2022-35039 (OTFCC commit 617837b was discovered to contain a heap buffer overflow ...) - TODO: check + - texlive-bin (unimportant) + [bullseye] - texlive-bin (Vulnerable code not present) + [buster] - texlive-bin (Vulnerable code not present) + NOTE: Crash in CLI tool, no security impact and affected code not built, see as well #1019602 CVE-2022-35038 (OTFCC commit 617837b was discovered to contain a heap buffer overflow ...) - TODO: check + - texlive-bin (unimportant) + [bullseye] - texlive-bin (Vulnerable code not present) + [buster] - texlive-bin (Vulnerable code not present) + NOTE: Crash in CLI tool, no security impact and affected code not built, see as well #1019602 CVE-2022-35037 (OTFCC commit 617837b was discovered to contain a heap buffer overflow ...) - TODO: check + - texlive-bin (unimportant) + [bullseye] - texlive-bin (Vulnerable code not present) + [buster] - texlive-bin (Vulnerable code not present) + NOTE: Crash in CLI tool, no security impact and affected code not built, see as well #1019602 CVE-2022-35036 (OTFCC commit 617837b was discovered to contain a heap buffer overflow ...) - TODO: check + - texlive-bin (unimportant) + [bullseye] - texlive-bin (Vulnerable code not present) + [buster] - texlive-bin (Vulnerable code not present) + NOTE: Crash in CLI tool, no security impact and affected code not built, see as well #1019602 CVE-2022-35035 (OTFCC commit 617837b was discovered to contain a heap buffer overflow ...) - TODO: check + - texlive-bin (unimportant) + [bullseye] - texlive-bin (Vulnerable code not present) + [buster] - texlive-bin (Vulnerable code not present) + NOTE: Crash in CLI tool, no security impact and affected code not built, see as well #1019602 CVE-2022-35034 (OTFCC commit 617837b was discovered to contain a heap buffer overflow ...) - TODO: check + - texlive-bin (unimportant) + [bullseye] - texlive-bin (Vulnerable code not present) + [buster] - texlive-bin (Vulnerable code not present) + NOTE: Crash in CLI tool, no security impact and affected code not built, see as well #1019602 CVE-2022-35033 RESERVED CVE-2022-35032 (OTFCC commit 617837b was discovered to contain a segmentation violatio ...) - TODO: check + - texlive-bin (unimportant) + [bullseye] - texlive-bin (Vulnerable code not present) + [buster] - texlive-bin (Vulnerable code not present) + NOTE: Crash in CLI tool, no security impact and affected code not built, see as well #1019602 CVE-2022-35031 (OTFCC commit 617837b was discovered to contain a segmentation violatio ...) - TODO: check + - texlive-bin (unimportant) + [bullseye] - texlive-bin (Vulnerable code not present) + [buster] - texlive-bin (Vulnerable code not present) + NOTE: Crash in CLI tool, no security impact and affected code not built, see as well #1019602 CVE-2022-35030 (OTFCC commit 617837b was discovered to contain a segmentation violatio ...) - TODO: check + - texlive-bin (unimportant) + [bullseye] - texlive-bin (Vulnerable code not present) + [buster] - texlive-bin (Vulnerable code not present) + NOTE: Crash in CLI tool, no security impact and affected code not built, see as well #1019602 CVE-2022-35029 (OTFCC commit 617837b was discovered to contain a segmentation violatio ...) - TODO: check + - texlive-bin (unimportant) + [bullseye] - texlive-bin (Vulnerable code not present) + [buster] - texlive-bin (Vulnerable code not present) + NOTE: Crash in CLI tool, no security impact and affected code not built, see as well #1019602 CVE-2022-35028 (OTFCC commit 617837b was discovered to contain a segmentation violatio ...) - TODO: check + - texlive-bin (unimportant) + [bullseye] - texlive-bin (Vulnerable code not present) + [buster] - texlive-bin (Vulnerable code not present) + NOTE: Crash in CLI tool, no security impact and affected code not built, see as well #1019602 CVE-2022-35027 (OTFCC commit 617837b was discovered to contain a segmentation violatio ...) - TODO: check + - texlive-bin (unimportant) + [bullseye] - texlive-bin (Vulnerable code not present) + [buster] - texlive-bin (Vulnerable code not present) + NOTE: Crash in CLI tool, no security impact and affected code not built, see as well #1019602 CVE-2022-35026 (OTFCC commit 617837b was discovered to contain a segmentation violatio ...) - TODO: check + - texlive-bin (unimportant) + [bullseye] - texlive-bin (Vulnerable code not present) + [buster] - texlive-bin (Vulnerable code not present) + NOTE: Crash in CLI tool, no security impact and affected code not built, see as well #1019602 CVE-2022-35025 (OTFCC commit 617837b was discovered to contain a segmentation violatio ...) - TODO: check + - texlive-bin (unimportant) + [bullseye] - texlive-bin (Vulnerable code not present) + [buster] - texlive-bin (Vulnerable code not present) + NOTE: Crash in CLI tool, no security impact and affected code not built, see as well #1019602 CVE-2022-35024 (OTFCC commit 617837b was discovered to contain a segmentation violatio ...) - TODO: check + - texlive-bin (unimportant) + [bullseye] - texlive-bin (Vulnerable code not present) + [buster] - texlive-bin (Vulnerable code not present) + NOTE: Crash in CLI tool, no security impact and affected code not built, see as well #1019602 CVE-2022-35023 (OTFCC commit 617837b was discovered to contain a segmentation violatio ...) - TODO: check + - texlive-bin (unimportant) + [bullseye] - texlive-bin (Vulnerable code not present) + [buster] - texlive-bin (Vulnerable code not present) + NOTE: Crash in CLI tool, no security impact and affected code not built, see as well #1019602 CVE-2022-35022 (OTFCC commit 617837b was discovered to contain a segmentation violatio ...) - TODO: check + - texlive-bin (unimportant) + [bullseye] - texlive-bin (Vulnerable code not present) + [buster] - texlive-bin (Vulnerable code not present) + NOTE: Crash in CLI tool, no security impact and affected code not built, see as well #1019602 CVE-2022-35021 (OTFCC commit 617837b was discovered to contain a global buffer overflo ...) - TODO: check + - texlive-bin (unimportant) + [bullseye] - texlive-bin (Vulnerable code not present) + [buster] - texlive-bin (Vulnerable code not present) + NOTE: Crash in CLI tool, no security impact and affected code not built, see as well #1019602 CVE-2022-35020 (Advancecomp v2.3 was discovered to contain a heap buffer overflow via ...) - advancecomp (unimportant; bug #1019592) NOTE: https://github.com/Cvjark/Poc/blob/main/advancecomp/CVE-2022-35020.md -- cgit v1.2.3