Add CVE-2022-0563/util-linux

author: Salvatore Bonaccorso <carnil@debian.org> 2022-02-14 22:33:49 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-02-14 22:33:49 +0100
commit: 42159afdacebf79807404919b3501a4a765aa1c3 (patch)
tree: 61fba20ad735eb796194f8c5bec00e9d1e2c765e
parent: 2eca4f50f4c75f194af0f583d5896e66233c0927 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/data/CVE/2022.list b/data/CVE/2022.list
index 3081d34d7f..26651ef4f5 100644
--- a/data/CVE/2022.list
+++ b/data/CVE/2022.list
@@ -1021,8 +1021,12 @@ CVE-2022-23922
 	RESERVED
 CVE-2022-23104
 	RESERVED
-CVE-2022-0563
+CVE-2022-0563 [partial disclosure of arbitrary files in chfn and chsh when compiled with libreadline]
 	RESERVED
+	- util-linux <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2053151
+	NOTE: https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u
+	NOTE: https://github.com/util-linux/util-linux/commit/faa5a3a83ad0cb5e2c303edbfd8cd823c9d94c17
 CVE-2022-0562 (Null source pointer passed as an argument to memcpy() function within  ...)
 	- tiff 4.3.0-4
 	[bullseye] - tiff <no-dsa> (Minor issue)
author	Salvatore Bonaccorso <carnil@debian.org>	2022-02-14 22:33:49 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-02-14 22:33:49 +0100
commit	42159afdacebf79807404919b3501a4a765aa1c3 (patch)
tree	61fba20ad735eb796194f8c5bec00e9d1e2c765e
parent	2eca4f50f4c75f194af0f583d5896e66233c0927 (diff)