Log

AVG-2809 created at 25 Jan 2023 21:55:34
Packages
+ python-django
Issues
+ CVE-2022-41323
Status
+ Unknown
Severity
+ Unknown
Affected
+ 4.1-1
Fixed
+ 4.1.2-1
Ticket
Advisory qualified
+ No
References
+ https://www.djangoproject.com/weblog/2022/oct/04/security-releases/
Notes
CVE-2022-41323 created at 25 Jan 2023 21:55:34
AVG-2808 created at 25 Jan 2023 21:50:32
Packages
+ python-django
Issues
+ CVE-2022-22818
+ CVE-2022-23833
Status
+ Fixed
Severity
+ Unknown
Affected
+ 3.2.10-1
Fixed
+ 4.0.2-1
Ticket
Advisory qualified
+ No
References
+ https://www.djangoproject.com/weblog/2022/feb/01/security-releases/
Notes
CVE-2022-23833 created at 25 Jan 2023 21:50:32
AVG-2808 created at 25 Jan 2023 21:50:32
Packages
+ python-django
Issues
+ CVE-2022-22818
+ CVE-2022-23833
Status
+ Fixed
Severity
+ Unknown
Affected
+ 3.2.10-1
Fixed
+ 4.0.2-1
Ticket
Advisory qualified
+ No
References
+ https://www.djangoproject.com/weblog/2022/feb/01/security-releases/
Notes
CVE-2022-22818 created at 25 Jan 2023 21:50:32
AVG-2807 edited at 25 Jan 2023 21:44:29
Status
- Unknown
+ Fixed
AVG-2807 created at 25 Jan 2023 21:44:22
Packages
+ libreoffice-still
Issues
+ CVE-2022-3140
Status
+ Unknown
Severity
+ Unknown
Affected
+ 7.3.5-3
Fixed
+ 7.3.6-1
Ticket
Advisory qualified
+ No
References
Notes
CVE-2022-3140 edited at 25 Jan 2023 21:43:33
Description
+ links using that scheme could be constructed to call internal macros with arbitrary arguments. Which when clicked on, or activated by document events, could result in arbitrary script execution without warning.
References
+ https://www.libreoffice.org/about-us/security/advisories/cve-2022-3140
Notes
AVG-2806 created at 25 Jan 2023 21:41:59
Packages
+ libreoffice-fresh
Issues
+ CVE-2022-3140
Status
+ Fixed
Severity
+ Unknown
Affected
+ 7.4.0-4
Fixed
+ 7.4.1-1
Ticket
Advisory qualified
+ No
References
Notes
CVE-2022-3140 created at 25 Jan 2023 21:41:59
CVE-2022-42012 edited at 25 Jan 2023 21:15:21
Description
+ A message in non-native endianness with out-of-band Unix file descriptors would cause a use-after-free and possible memory corruption in production builds, or an assertion failure in debug builds.
References
+ https://gitlab.freedesktop.org/dbus/dbus/-/commit/236f16e444e88a984cf12b09225e0f8efa6c5b44
Notes
CVE-2022-42011 edited at 25 Jan 2023 21:14:26
Description
+ An invalid array of fixed-length elements where the length of the array is not a multiple of the length of the element would cause an assertion failure in debug builds or an out-of-bounds read in production builds.
References
+ https://gitlab.freedesktop.org/dbus/dbus/-/commit/079bbf16186e87fb0157adf8951f19864bc2ed69
Notes
CVE-2022-42010 edited at 25 Jan 2023 21:13:16
Description
+ A syntactically invalid type signature with incorrectly nested parentheses and curly brackets would cause an assertion failure in debug builds. Similar messages could potentially result in a crash or incorrect message processing in a production build.
References
+ https://gitlab.freedesktop.org/dbus/dbus/-/commit/9d07424e9011e3bbe535e83043d335f3093d2916
Notes