diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2022-07-05 14:24:01 +0200 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2022-07-05 14:24:01 +0200 |
| commit | 3435575a92ec4f96060a99d7ce70871f22d4a867 (patch) | |
| tree | 3494e48a6a64e36b9024c70e820a4f04adeae7de | |
| parent | 870809503daeedbaddd825dff6f1c46113aec776 (diff) | |
remove navit, ezxml not used
update information on code copies for ezxml
buster/bullseye triage
| -rw-r--r-- | data/CVE/list | 169 | ||||
| -rw-r--r-- | data/embedded-code-copies | 6 |
2 files changed, 92 insertions, 83 deletions
diff --git a/data/CVE/list b/data/CVE/list index e328e8e604..9fb8447ec3 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -13818,8 +13818,15 @@ CVE-2022-30046 RESERVED CVE-2022-30045 (An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ...) - mapcache <unfixed> (unimportant; bug #1014389) - - navit <unfixed> (bug #1014390) - scilab <unfixed> (bug #1014391) + [bullseye] - scilab <no-dsa> (Minor issue) + [buster] - scilab <no-dsa> (Minor issue) + - netcdf 1:4.9.0-1 + [bullseye] - netcdf <ignored> (Minor issue) + [buster] - netcdf <ignored> (Minor issue) + - netcdf-parallel 1:4.9.0-1 (bug #989361) + [bullseye] - netcdf-parallel <ignored> (Minor issue) + [buster] - netcdf-parallel <ignored> (Minor issue) NOTE: https://sourceforge.net/p/ezxml/bugs/29/ NOTE: mapcache only uses ezxml to parse config files which are trusted CVE-2022-30044 @@ -80472,12 +80479,12 @@ CVE-2021-31598 (An issue was discovered in libezxml.a in ezXML 0.8.6. The functi [bullseye] - scilab <no-dsa> (Minor issue) [buster] - scilab <no-dsa> (Minor issue) - netcdf 1:4.9.0-1 (bug #989360) - [bullseye] - netcdf <no-dsa> (Minor issue) - [buster] - netcdf <no-dsa> (Minor issue) + [bullseye] - netcdf <ignored> (Minor issue) + [buster] - netcdf <ignored> (Minor issue) [stretch] - netcdf <not-affected> (vulnerable code not present) - - netcdf-parallel <unfixed> (bug #989361) - [bullseye] - netcdf-parallel <no-dsa> (Minor issue) - [buster] - netcdf-parallel <no-dsa> (Minor issue) + - netcdf-parallel 1:4.9.0-1 (bug #989361) + [bullseye] - netcdf-parallel <ignored> (Minor issue) + [buster] - netcdf-parallel <ignored> (Minor issue) NOTE: https://sourceforge.net/p/ezxml/bugs/28/ NOTE: mapcache only uses ezxml to parse config files which are trusted CVE-2021-31597 (The xmlhttprequest-ssl package before 1.6.1 for Node.js disables SSL c ...) @@ -81120,12 +81127,12 @@ CVE-2021-31348 (An issue was discovered in libezxml.a in ezXML 0.8.6. The functi [bullseye] - scilab <no-dsa> (Minor issue) [buster] - scilab <no-dsa> (Minor issue) - netcdf 1:4.9.0-1 (bug #989360) - [bullseye] - netcdf <no-dsa> (Minor issue) - [buster] - netcdf <no-dsa> (Minor issue) + [bullseye] - netcdf <ignored> (Minor issue) + [buster] - netcdf <ignored> (Minor issue) [stretch] - netcdf <not-affected> (vulnerable code not present) - - netcdf-parallel <unfixed> (bug #989361) - [bullseye] - netcdf-parallel <no-dsa> (Minor issue) - [buster] - netcdf-parallel <no-dsa> (Minor issue) + - netcdf-parallel 1:4.9.0-1 (bug #989361) + [bullseye] - netcdf-parallel <ignored> (Minor issue) + [buster] - netcdf-parallel <ignored> (Minor issue) NOTE: https://sourceforge.net/p/ezxml/bugs/27/ NOTE: mapcache only uses ezxml to parse config files which are trusted CVE-2021-31347 (An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ...) @@ -81135,12 +81142,12 @@ CVE-2021-31347 (An issue was discovered in libezxml.a in ezXML 0.8.6. The functi [bullseye] - scilab <no-dsa> (Minor issue) [buster] - scilab <no-dsa> (Minor issue) - netcdf 1:4.9.0-1 (bug #989360) - [bullseye] - netcdf <no-dsa> (Minor issue) - [buster] - netcdf <no-dsa> (Minor issue) + [bullseye] - netcdf <ignored> (Minor issue) + [buster] - netcdf <ignored> (Minor issue) [stretch] - netcdf <not-affected> (vulnerable code not present) - - netcdf-parallel <unfixed> (bug #989361) - [bullseye] - netcdf-parallel <no-dsa> (Minor issue) - [buster] - netcdf-parallel <no-dsa> (Minor issue) + - netcdf-parallel 1:4.9.0-1 (bug #989361) + [bullseye] - netcdf-parallel <ignored> (Minor issue) + [buster] - netcdf-parallel <ignored> (Minor issue) NOTE: https://sourceforge.net/p/ezxml/bugs/27/ NOTE: mapcache only uses ezxml to parse config files which are trusted CVE-2021-31346 (A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All ...) @@ -81435,12 +81442,12 @@ CVE-2021-31229 (An issue was discovered in libezxml.a in ezXML 0.8.6. The functi [bullseye] - scilab <no-dsa> (Minor issue) [buster] - scilab <no-dsa> (Minor issue) - netcdf 1:4.9.0-1 (bug #989360) - [bullseye] - netcdf <no-dsa> (Minor issue) - [buster] - netcdf <no-dsa> (Minor issue) + [bullseye] - netcdf <ignored> (Minor issue) + [buster] - netcdf <ignored> (Minor issue) [stretch] - netcdf <not-affected> (vulnerable code not present) - - netcdf-parallel <unfixed> (bug #989361) - [bullseye] - netcdf-parallel <no-dsa> (Minor issue) - [buster] - netcdf-parallel <no-dsa> (Minor issue) + - netcdf-parallel 1:4.9.0-1 (bug #989361) + [bullseye] - netcdf-parallel <ignored> (Minor issue) + [buster] - netcdf-parallel <ignored> (Minor issue) NOTE: https://sourceforge.net/p/ezxml/bugs/26/ NOTE: mapcache only uses ezxml to parse config files which are trusted CVE-2021-31228 (An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnera ...) @@ -83551,12 +83558,12 @@ CVE-2021-30485 (An issue was discovered in libezxml.a in ezXML 0.8.6. The functi [bullseye] - scilab <no-dsa> (Minor issue) [buster] - scilab <no-dsa> (Minor issue) - netcdf 1:4.9.0-1 (bug #989360) - [bullseye] - netcdf <no-dsa> (Minor issue) - [buster] - netcdf <no-dsa> (Minor issue) + [bullseye] - netcdf <ignored> (Minor issue) + [buster] - netcdf <ignored> (Minor issue) [stretch] - netcdf <not-affected> (vulnerable code not present) - - netcdf-parallel <unfixed> (bug #989361) - [bullseye] - netcdf-parallel <no-dsa> (Minor issue) - [buster] - netcdf-parallel <no-dsa> (Minor issue) + - netcdf-parallel 1:4.9.0-1 (bug #989361) + [bullseye] - netcdf-parallel <ignored> (Minor issue) + [buster] - netcdf-parallel <ignored> (Minor issue) NOTE: https://sourceforge.net/p/ezxml/bugs/25 NOTE: mapcache only uses ezxml to parse config files which are trusted CVE-2021-30484 @@ -94274,12 +94281,12 @@ CVE-2021-26222 (The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable [buster] - scilab <no-dsa> (Minor issue) [stretch] - scilab <no-dsa> (Minor issue) - netcdf 1:4.9.0-1 (bug #989360) - [bullseye] - netcdf <no-dsa> (Minor issue) - [buster] - netcdf <no-dsa> (Minor issue) + [bullseye] - netcdf <ignored> (Minor issue) + [buster] - netcdf <ignored> (Minor issue) [stretch] - netcdf <not-affected> (vulnerable code not present) - - netcdf-parallel <unfixed> (bug #989361) - [bullseye] - netcdf-parallel <no-dsa> (Minor issue) - [buster] - netcdf-parallel <no-dsa> (Minor issue) + - netcdf-parallel 1:4.9.0-1 (bug #989361) + [bullseye] - netcdf-parallel <ignored> (Minor issue) + [buster] - netcdf-parallel <ignored> (Minor issue) NOTE: https://sourceforge.net/p/ezxml/bugs/22/ NOTE: mapcache only uses ezxml to parse config files which are trusted CVE-2021-26221 (The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB ...) @@ -94289,12 +94296,12 @@ CVE-2021-26221 (The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable [buster] - scilab <no-dsa> (Minor issue) [stretch] - scilab <no-dsa> (Minor issue) - netcdf 1:4.9.0-1 (bug #989360) - [bullseye] - netcdf <no-dsa> (Minor issue) - [buster] - netcdf <no-dsa> (Minor issue) + [bullseye] - netcdf <ignored> (Minor issue) + [buster] - netcdf <ignored> (Minor issue) [stretch] - netcdf <not-affected> (vulnerable code not present) - - netcdf-parallel <unfixed> (bug #989361) - [bullseye] - netcdf-parallel <no-dsa> (Minor issue) - [buster] - netcdf-parallel <no-dsa> (Minor issue) + - netcdf-parallel 1:4.9.0-1 (bug #989361) + [bullseye] - netcdf-parallel <ignored> (Minor issue) + [buster] - netcdf-parallel <ignored> (Minor issue) NOTE: https://sourceforge.net/p/ezxml/bugs/21/ NOTE: mapcache only uses ezxml to parse config files which are trusted CVE-2021-26220 (The ezxml_toxml function in ezxml 0.8.6 and earlier is vulnerable to O ...) @@ -94304,12 +94311,12 @@ CVE-2021-26220 (The ezxml_toxml function in ezxml 0.8.6 and earlier is vulnerabl [buster] - scilab <no-dsa> (Minor issue) [stretch] - scilab <no-dsa> (Minor issue) - netcdf 1:4.9.0-1 (bug #989360) - [bullseye] - netcdf <no-dsa> (Minor issue) - [buster] - netcdf <no-dsa> (Minor issue) + [bullseye] - netcdf <ignored> (Minor issue) + [buster] - netcdf <ignored> (Minor issue) [stretch] - netcdf <not-affected> (vulnerable code not present) - - netcdf-parallel <unfixed> (bug #989361) - [bullseye] - netcdf-parallel <no-dsa> (Minor issue) - [buster] - netcdf-parallel <no-dsa> (Minor issue) + - netcdf-parallel 1:4.9.0-1 (bug #989361) + [bullseye] - netcdf-parallel <ignored> (Minor issue) + [buster] - netcdf-parallel <ignored> (Minor issue) NOTE: https://sourceforge.net/p/ezxml/bugs/223/ NOTE: mapcache only uses ezxml to parse config files which are trusted CVE-2021-26219 @@ -178737,12 +178744,12 @@ CVE-2019-20202 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The functi [buster] - scilab <no-dsa> (Minor issue) [stretch] - scilab <no-dsa> (Minor issue) - netcdf 1:4.9.0-1 (bug #989360) - [bullseye] - netcdf <no-dsa> (Minor issue) - [buster] - netcdf <no-dsa> (Minor issue) + [bullseye] - netcdf <ignored> (Minor issue) + [buster] - netcdf <ignored> (Minor issue) [stretch] - netcdf <not-affected> (vulnerable code not present) - - netcdf-parallel <unfixed> (bug #989361) - [bullseye] - netcdf-parallel <no-dsa> (Minor issue) - [buster] - netcdf-parallel <no-dsa> (Minor issue) + - netcdf-parallel 1:4.9.0-1 (bug #989361) + [bullseye] - netcdf-parallel <ignored> (Minor issue) + [buster] - netcdf-parallel <ignored> (Minor issue) NOTE: https://sourceforge.net/p/ezxml/bugs/17/ NOTE: mapcache only uses ezxml to parse config files which are trusted CVE-2019-20201 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The ezxml_parse_ ...) @@ -178752,12 +178759,12 @@ CVE-2019-20201 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The ezxml_ [buster] - scilab <no-dsa> (Minor issue) [stretch] - scilab <no-dsa> (Minor issue) - netcdf 1:4.9.0-1 (bug #989360) - [bullseye] - netcdf <no-dsa> (Minor issue) - [buster] - netcdf <no-dsa> (Minor issue) + [bullseye] - netcdf <ignored> (Minor issue) + [buster] - netcdf <ignored> (Minor issue) [stretch] - netcdf <not-affected> (vulnerable code not present) - - netcdf-parallel <unfixed> (bug #989361) - [bullseye] - netcdf-parallel <no-dsa> (Minor issue) - [buster] - netcdf-parallel <no-dsa> (Minor issue) + - netcdf-parallel 1:4.9.0-1 (bug #989361) + [bullseye] - netcdf-parallel <ignored> (Minor issue) + [buster] - netcdf-parallel <ignored> (Minor issue) NOTE: https://sourceforge.net/p/ezxml/bugs/16/ NOTE: mapcache only uses ezxml to parse config files which are trusted CVE-2019-20200 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...) @@ -178767,12 +178774,12 @@ CVE-2019-20200 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The functi [buster] - scilab <no-dsa> (Minor issue) [stretch] - scilab <no-dsa> (Minor issue) - netcdf 1:4.9.0-1 (bug #989360) - [bullseye] - netcdf <no-dsa> (Minor issue) - [buster] - netcdf <no-dsa> (Minor issue) + [bullseye] - netcdf <ignored> (Minor issue) + [buster] - netcdf <ignored> (Minor issue) [stretch] - netcdf <not-affected> (vulnerable code not present) - - netcdf-parallel <unfixed> (bug #989361) - [bullseye] - netcdf-parallel <no-dsa> (Minor issue) - [buster] - netcdf-parallel <no-dsa> (Minor issue) + - netcdf-parallel 1:4.9.0-1 (bug #989361) + [bullseye] - netcdf-parallel <ignored> (Minor issue) + [buster] - netcdf-parallel <ignored> (Minor issue) NOTE: https://sourceforge.net/p/ezxml/bugs/19/ NOTE: mapcache only uses ezxml to parse config files which are trusted CVE-2019-20199 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...) @@ -178782,12 +178789,12 @@ CVE-2019-20199 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The functi [buster] - scilab <no-dsa> (Minor issue) [stretch] - scilab <no-dsa> (Minor issue) - netcdf 1:4.9.0-1 (bug #989360) - [bullseye] - netcdf <no-dsa> (Minor issue) - [buster] - netcdf <no-dsa> (Minor issue) + [bullseye] - netcdf <ignored> (Minor issue) + [buster] - netcdf <ignored> (Minor issue) [stretch] - netcdf <not-affected> (vulnerable code not present) - - netcdf-parallel <unfixed> (bug #989361) - [bullseye] - netcdf-parallel <no-dsa> (Minor issue) - [buster] - netcdf-parallel <no-dsa> (Minor issue) + - netcdf-parallel 1:4.9.0-1 (bug #989361) + [bullseye] - netcdf-parallel <ignored> (Minor issue) + [buster] - netcdf-parallel <ignored> (Minor issue) NOTE: https://sourceforge.net/p/ezxml/bugs/18/ NOTE: mapcache only uses ezxml to parse config files which are trusted CVE-2019-20198 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...) @@ -178797,12 +178804,12 @@ CVE-2019-20198 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The functi [buster] - scilab <no-dsa> (Minor issue) [stretch] - scilab <no-dsa> (Minor issue) - netcdf 1:4.9.0-1 (bug #989360) - [bullseye] - netcdf <no-dsa> (Minor issue) - [buster] - netcdf <no-dsa> (Minor issue) + [bullseye] - netcdf <ignored> (Minor issue) + [buster] - netcdf <ignored> (Minor issue) [stretch] - netcdf <not-affected> (vulnerable code not present) - - netcdf-parallel <unfixed> (bug #989361) - [bullseye] - netcdf-parallel <no-dsa> (Minor issue) - [buster] - netcdf-parallel <no-dsa> (Minor issue) + - netcdf-parallel 1:4.9.0-1 (bug #989361) + [bullseye] - netcdf-parallel <ignored> (Minor issue) + [buster] - netcdf-parallel <ignored> (Minor issue) NOTE: https://sourceforge.net/p/ezxml/bugs/20/ NOTE: mapcache only uses ezxml to parse config files which are trusted CVE-2020-5178 @@ -181891,12 +181898,12 @@ CVE-2019-20007 (An issue was discovered in ezXML 0.8.2 through 0.8.6. The functi [buster] - scilab <no-dsa> (Minor issue) [stretch] - scilab <no-dsa> (Minor issue) - netcdf 1:4.9.0-1 (bug #989360) - [bullseye] - netcdf <no-dsa> (Minor issue) - [buster] - netcdf <no-dsa> (Minor issue) + [bullseye] - netcdf <ignored> (Minor issue) + [buster] - netcdf <ignored> (Minor issue) [stretch] - netcdf <not-affected> (vulnerable code not present) - - netcdf-parallel <unfixed> (bug #989361) - [bullseye] - netcdf-parallel <no-dsa> (Minor issue) - [buster] - netcdf-parallel <no-dsa> (Minor issue) + - netcdf-parallel 1:4.9.0-1 (bug #989361) + [bullseye] - netcdf-parallel <ignored> (Minor issue) + [buster] - netcdf-parallel <ignored> (Minor issue) NOTE: https://sourceforge.net/p/ezxml/bugs/13/ NOTE: mapcache only uses ezxml to parse config files which are trusted CVE-2019-20006 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...) @@ -181906,12 +181913,12 @@ CVE-2019-20006 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The functi [buster] - scilab <no-dsa> (Minor issue) [stretch] - scilab <no-dsa> (Minor issue) - netcdf 1:4.9.0-1 (bug #989360) - [bullseye] - netcdf <no-dsa> (Minor issue) - [buster] - netcdf <no-dsa> (Minor issue) + [bullseye] - netcdf <ignored> (Minor issue) + [buster] - netcdf <ignored> (Minor issue) [stretch] - netcdf <not-affected> (vulnerable code not present) - - netcdf-parallel <unfixed> (bug #989361) - [bullseye] - netcdf-parallel <no-dsa> (Minor issue) - [buster] - netcdf-parallel <no-dsa> (Minor issue) + - netcdf-parallel 1:4.9.0-1 (bug #989361) + [bullseye] - netcdf-parallel <ignored> (Minor issue) + [buster] - netcdf-parallel <ignored> (Minor issue) NOTE: https://sourceforge.net/p/ezxml/bugs/15/ NOTE: mapcache only uses ezxml to parse config files which are trusted CVE-2019-20005 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...) @@ -181921,12 +181928,12 @@ CVE-2019-20005 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The functi [buster] - scilab <no-dsa> (Minor issue) [stretch] - scilab <no-dsa> (Minor issue) - netcdf 1:4.9.0-1 (bug #989360) - [bullseye] - netcdf <no-dsa> (Minor issue) - [buster] - netcdf <no-dsa> (Minor issue) + [bullseye] - netcdf <ignored> (Minor issue) + [buster] - netcdf <ignored> (Minor issue) [stretch] - netcdf <not-affected> (vulnerable code not present) - - netcdf-parallel <unfixed> (bug #989361) - [bullseye] - netcdf-parallel <no-dsa> (Minor issue) - [buster] - netcdf-parallel <no-dsa> (Minor issue) + - netcdf-parallel 1:4.9.0-1 (bug #989361) + [bullseye] - netcdf-parallel <ignored> (Minor issue) + [buster] - netcdf-parallel <ignored> (Minor issue) NOTE: https://sourceforge.net/p/ezxml/bugs/14/ NOTE: mapcache only uses ezxml to parse config files which are trusted CVE-2019-20004 (An issue was discovered on Intelbras IWR 3000N 1.8.7 devices. When the ...) diff --git a/data/embedded-code-copies b/data/embedded-code-copies index 5ee2aaeb0f..0738e13114 100644 --- a/data/embedded-code-copies +++ b/data/embedded-code-copies @@ -3491,8 +3491,10 @@ ttmath (not packaged, https://www.ttmath.org/) - geos <unfixed> (modified-embed) ezxml (not packaged in Debian; no ITP) - - netcdf <unfixed> (embed; bug #989360) - - netcdf-parallel <unfixed> (embed; bug #989361) + - netcdf 1:4.9.0-1 (embed; bug #989360) + NOTE: netcdf switched to libxml2 in 4.9.0 + - netcdf-parallel 1:4.9.0-1 (embed; bug #989361) + NOTE: netcdf-parallel switched to libxml2 in 4.9.0 - navit <not-affected> (embed; bug #989362) - mapcache <unfixed> (embed; bug #989363) NOTE: mapcache only uses ezxml to parse config file, doesn't trust any trust boundary, no need to file bugs |