automatic update

author: security tracker role <sectracker@soriano.debian.org> 2022-02-13 20:10:28 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2022-02-13 20:10:28 +0000
commit: 4bd2244256d1f04bfa9aa408d3c9f562ff33c56f (patch)
tree: 5f97abbe6fc21b9d1c15a218c5645f0efd4e3df0 /data
parent: 4d1c01ac31437cd55d01b88bfeb06cc5b1920633 (diff)
2 files changed, 24 insertions, 14 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 7669940007..af1007b6ef 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -4651,8 +4651,7 @@ CVE-2021-44881 (D-Link device DIR_882 DIR_882_FW1.30B06_Hotfix_02 was discovered
 	NOT-FOR-US: D-Link
 CVE-2021-44880 (D-Link devices DIR_878 DIR_878_FW1.30B08_Hotfix_02 and DIR_882 DIR_882 ...)
 	NOT-FOR-US: D-Link
-CVE-2021-44879
-	RESERVED
+CVE-2021-44879 (In gc_data_segment in fs/f2fs/gc.c in the Linux kernel before 5.16.3,  ...)
 	- linux 5.16.7-1
 	NOTE: https://www.openwall.com/lists/oss-security/2022/02/12/1
 	NOTE: Fixed by: https://git.kernel.org/linus/9056d6489f5a41cfbb67f719d2c0ce61ead72d9f (5.17-rc1)
diff --git a/data/CVE/list.2022 b/data/CVE/list.2022
index 9e51838292..f1f80424ca 100644
--- a/data/CVE/list.2022
+++ b/data/CVE/list.2022
@@ -1,4 +1,16 @@
-CVE-2022-24976 [authentication bypass by ending an IRC handshake at a certain point during a challenge-response login sequence]
+CVE-2022-24980
+	RESERVED
+CVE-2022-24979
+	RESERVED
+CVE-2022-24978
+	RESERVED
+CVE-2022-24977 (ImpressCMS before 1.4.2 allows unauthenticated remote code execution v ...)
+	TODO: check
+CVE-2022-0579
+	RESERVED
+CVE-2022-0578
+	RESERVED
+CVE-2022-24976 (Atheme IRC Services before 7.2.12, when used in conjunction with InspI ...)
 	- atheme-services <unfixed>
 	[bullseye] - atheme-services <no-dsa> (Minor issue; can be fixed via point release)
 	[buster] - atheme-services <no-dsa> (Minor issue; can be fixed via point release)
@@ -14,15 +26,14 @@ CVE-2022-0574
 	RESERVED
 CVE-2022-0573
 	RESERVED
-CVE-2022-0572 [crash when repeatedly using :retab]
-	RESERVED
+CVE-2022-0572 (Heap-based Buffer Overflow in Conda vim prior to 8.2. ...)
 	- vim <unfixed>
 	[bullseye] - vim <no-dsa> (Minor issue)
 	[buster] - vim <no-dsa> (Minor issue)
 	NOTE: https://huntr.dev/bounties/bf3e0643-03e9-4436-a1c8-74e7111c32bf
 	NOTE: https://github.com/vim/vim/commit/6e28703a8e41f775f64e442c5d11ce1ff599aa3f (v8.2.4359)
-CVE-2022-0571
-	RESERVED
+CVE-2022-0571 (Cross-site Scripting (XSS) - Reflected in Homebrew phoronixtestsuite p ...)
+	TODO: check
 CVE-2022-0570 (Heap-based Buffer Overflow in Homebrew mruby prior to 3.2. ...)
 	- mruby <not-affected> (Vulnerable code introduced later)
 	NOTE: https://huntr.dev/bounties/65a7632e-f95b-4836-b1a7-9cb95e5124f1
@@ -6007,7 +6018,7 @@ CVE-2022-22765 (BD Viper LT system, versions 2.0 and later, contains hardcoded c
 	NOT-FOR-US: BD Viper LT system
 CVE-2022-22764
 	RESERVED
-	{DSA-5069-1 DLA-2916-1}
+	{DSA-5074-1 DSA-5069-1 DLA-2916-1}
 	- firefox 97.0-1
 	- firefox-esr 91.6.0esr-1
 	- thunderbird 1:91.6.0-1
@@ -6016,7 +6027,7 @@ CVE-2022-22764
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-06/#CVE-2022-22764
 CVE-2022-22763
 	RESERVED
-	{DSA-5069-1 DLA-2916-1}
+	{DSA-5074-1 DSA-5069-1 DLA-2916-1}
 	- firefox-esr 91.6.0esr-1
 	- thunderbird 1:91.6.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-05/#CVE-2022-22763
@@ -6027,7 +6038,7 @@ CVE-2022-22762
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-04/#CVE-2022-22762
 CVE-2022-22761
 	RESERVED
-	{DSA-5069-1 DLA-2916-1}
+	{DSA-5074-1 DSA-5069-1 DLA-2916-1}
 	- firefox 97.0-1
 	- firefox-esr 91.6.0esr-1
 	- thunderbird 1:91.6.0-1
@@ -6036,7 +6047,7 @@ CVE-2022-22761
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-06/#CVE-2022-22761
 CVE-2022-22760
 	RESERVED
-	{DSA-5069-1 DLA-2916-1}
+	{DSA-5074-1 DSA-5069-1 DLA-2916-1}
 	- firefox 97.0-1
 	- firefox-esr 91.6.0esr-1
 	- thunderbird 1:91.6.0-1
@@ -6045,7 +6056,7 @@ CVE-2022-22760
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-06/#CVE-2022-22760
 CVE-2022-22759
 	RESERVED
-	{DSA-5069-1 DLA-2916-1}
+	{DSA-5074-1 DSA-5069-1 DLA-2916-1}
 	- firefox 97.0-1
 	- firefox-esr 91.6.0esr-1
 	- thunderbird 1:91.6.0-1
@@ -6063,7 +6074,7 @@ CVE-2022-22757
 	TODO: check if WebDriver enabled, if not demote severity to unimportant
 CVE-2022-22756
 	RESERVED
-	{DSA-5069-1 DLA-2916-1}
+	{DSA-5074-1 DSA-5069-1 DLA-2916-1}
 	- firefox 97.0-1
 	- firefox-esr 91.6.0esr-1
 	- thunderbird 1:91.6.0-1
@@ -6076,7 +6087,7 @@ CVE-2022-22755
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-04/#CVE-2022-22755
 CVE-2022-22754
 	RESERVED
-	{DSA-5069-1 DLA-2916-1}
+	{DSA-5074-1 DSA-5069-1 DLA-2916-1}
 	- firefox 97.0-1
 	- firefox-esr 91.6.0esr-1
 	- thunderbird 1:91.6.0-1
author	security tracker role <sectracker@soriano.debian.org>	2022-02-13 20:10:28 +0000
committer	security tracker role <sectracker@soriano.debian.org>	2022-02-13 20:10:28 +0000
commit	4bd2244256d1f04bfa9aa408d3c9f562ff33c56f (patch)
tree	5f97abbe6fc21b9d1c15a218c5645f0efd4e3df0 /data
parent	4d1c01ac31437cd55d01b88bfeb06cc5b1920633 (diff)