From 84d2c8799b55ec27c1facad007ec940b85875c73 Mon Sep 17 00:00:00 2001
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Fri, 27 May 2022 00:41:10 +0200
Subject: buster/bullseye triage

---
 data/CVE/list | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

(limited to 'data/CVE/list')

diff --git a/data/CVE/list b/data/CVE/list
index 8aa1509858..6a634ff7eb 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -293,11 +293,10 @@ CVE-2022-31619
 CVE-2022-1887
 	RESERVED
 CVE-2022-1886 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...)
-	- vim <unfixed>
-	[bullseye] - vim <no-dsa> (Minor issue)
-	[buster] - vim <no-dsa> (Minor issue)
+	- vim <unfixed> (unimportant)
 	NOTE: https://huntr.dev/bounties/fa0ad526-b608-45b3-9ebc-f2b607834d6a
 	NOTE: https://github.com/vim/vim/commit/2a585c85013be22f59f184d49612074fd9b115d7 (v8.2.5016)
+	NOTE: Crash in CLI tool, no security impact
 CVE-2022-1885
 	RESERVED
 CVE-2022-1884
@@ -13610,6 +13609,8 @@ CVE-2022-26968
 	RESERVED
 CVE-2022-26967 (GPAC 2.0 allows a heap-based buffer overflow in gf_base64_encode. It c ...)
 	- gpac <unfixed> (bug #1007224)
+	[bullseye] - gpac <no-dsa> (Minor issue)
+	[buster] - gpac <no-dsa> (Minor issue)
 	[stretch] - gpac <end-of-life> (No longer supported in LTS)
 	NOTE: https://github.com/gpac/gpac/issues/2138
 	NOTE: https://github.com/gpac/gpac/commit/ea1eca00fd92fa17f0e25ac25652622924a9a6a0
@@ -25452,6 +25453,8 @@ CVE-2022-0218 (The WP HTML Mail WordPress plugin is vulnerable to unauthorized a
 CVE-2022-0216
 	RESERVED
 	- qemu <unfixed>
+	[bullseye] - qemu <no-dsa> (Minor issue)
+	[buster] - qemu <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2036953
 	NOTE: https://starlabs.sg/advisories/22-0216
 	NOTE: https://gitlab.com/qemu-project/qemu/-/issues/972
@@ -159323,6 +159326,8 @@ CVE-2020-8860 (This vulnerability allows remote attackers to execute arbitrary c
 CVE-2020-8859 (This vulnerability allows remote attackers to create a denial-of-servi ...)
 	{DLA-3014-1}
 	- elog <removed>
+	[bullseye] - elog <ignored> (Minor issue)
+	[buster] - elog <ignored> (Minor issue)
 	NOTE: https://elog.psi.ch/elogs/Forum/69114
 	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-20-252/
 	NOTE: https://bitbucket.org/ritt/elog/commits/033e292301fa569738b20768b8d1f1d7d0bc1ca7
-- 
cgit v1.2.3