diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2022-02-14 16:47:11 +0100 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2022-02-14 16:47:51 +0100 |
| commit | 249ccd96bc0d049de21e2fb5974a7f5351d1007d (patch) | |
| tree | b6ea5978eeffc4028e007c88a677ff4ff81df239 | |
| parent | 17de21399158f6100b9c23f61e6367a52a32a7af (diff) | |
buster/bullseye triage
| -rw-r--r-- | data/CVE/list.2021 | 3 | ||||
| -rw-r--r-- | data/CVE/list.2022 | 10 |
2 files changed, 8 insertions, 5 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index 4e80b8478a..8dda8cf42a 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -1618,9 +1618,10 @@ CVE-2021-46021 (An Use-After-Free vulnerability in rec_record_destroy() at rec-r NOTE: Negligible security impact CVE-2021-46020 (An untrusted pointer dereference in mrb_vm_exec() of mruby v3.0.0 can ...) - mruby <unfixed> + [bullseye] - mruby <no-dsa> (Minor issue) + [buster] - mruby <no-dsa> (Minor issue) [stretch] - mruby <postponed> (revisit when/if fix is complete) NOTE: https://github.com/mruby/mruby/issues/5613 - TODO: check details CVE-2021-46019 (An untrusted pointer dereference in rec_db_destroy() at rec-db.c of GN ...) - recutils <unfixed> (unimportant) NOTE: https://lists.gnu.org/archive/html/bug-recutils/2021-12/msg00009.html diff --git a/data/CVE/list.2022 b/data/CVE/list.2022 index c0b30fef8c..eafb3c672e 100644 --- a/data/CVE/list.2022 +++ b/data/CVE/list.2022 @@ -1692,14 +1692,14 @@ CVE-2022-0498 REJECTED CVE-2022-0497 RESERVED - - openscad 2021.01-4 (bug #1005641) - [stretch] - openscad <no-dsa> (Minor issue) + - openscad 2021.01-4 (unimportant; bug #1005641) NOTE: https://github.com/openscad/openscad/issues/4043 + NOTE: Crash in CLI tool, no security impact CVE-2022-0496 RESERVED - - openscad 2021.01-4 (bug #1005641) - [stretch] - openscad <no-dsa> (Minor issue) + - openscad 2021.01-4 (unimportant; bug #1005641) NOTE: https://github.com/openscad/openscad/issues/4037 + NOTE: Crash in CLI tool, no security impact CVE-2022-0495 RESERVED CVE-2022-0494 @@ -1999,6 +1999,8 @@ CVE-2022-24304 CVE-2022-24303 RESERVED - pillow <unfixed> + [bullseye] - pillow <ignored> (Minor issue) + [buster] - pillow <ignored> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2052682 NOTE: https://pillow.readthedocs.io/en/stable/releasenotes/9.0.1.html#security NOTE: https://github.com/python-pillow/Pillow/commit/427221ef5f19157001bf8b1ad7cfe0b905ca8c26 (9.0.1) |