Ubuntu CVE Tracker

Merge ~mainek00n/ubuntu-cve-tracker:patch-1 into ubuntu-cve-tracker:master

  1. Git
  2. lp:~mainek00n/ubuntu-cve-tracker
  3. patch-1
  4. Merge into master
Proposed by MaineK00n
Status: Merged
Merged at revision: 6af7e65807722faba358be272b98960528d6ea9c
Proposed branch: ~mainek00n/ubuntu-cve-tracker:patch-1
Merge into: ubuntu-cve-tracker:master
Diff against target: 116 lines (+8/-7)
10 files modified
active/CVE-2018-12294 (+1/-0)
active/CVE-2021-23214 (+0/-1)
active/CVE-2021-23222 (+0/-1)
active/CVE-2022-1552 (+0/-2)
retired/CVE-2007-4351 (+1/-1)
retired/CVE-2008-4098 (+1/-1)
retired/CVE-2010-1850 (+2/-0)
retired/CVE-2011-1837 (+1/-0)
retired/CVE-2012-0809 (+1/-0)
retired/CVE-2012-3410 (+1/-1)
Reviewer Review Type Date Requested Status
Steve Beattie Approve
Review via email: mp+427960@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Steve Beattie (sbeattie) wrote :

LGTM, merged.

One note, for the sudo cve, that issue was discovered and resolved while precise was under development and had not been released yet. When we retire a cve, we don't turn the `devel` status into the release name under development, so that results in things like this.

review: Approve
Revision history for this message
MaineK00n (mainek00n) wrote :

Thank you for the review.

In the case of CVE-2012-0809, I questioned why Tags are defined for precise, but not package status, and suggested a change.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/active/CVE-2018-12294 b/active/CVE-2018-12294
index 2516412..a00e423 100644
--- a/active/CVE-2018-12294
+++ b/active/CVE-2018-12294
@@ -37,6 +37,7 @@ impish_webkitgtk: DNE
37jammy_webkitgtk: DNE37jammy_webkitgtk: DNE
38devel_webkitgtk: DNE38devel_webkitgtk: DNE
3939
40Patches_webkit2gtk:
40upstream_webkit2gtk: released (2.20.2)41upstream_webkit2gtk: released (2.20.2)
41precise/esm_webkit2gtk: DNE42precise/esm_webkit2gtk: DNE
42trusty_webkit2gtk: DNE43trusty_webkit2gtk: DNE
diff --git a/active/CVE-2021-23214 b/active/CVE-2021-23214
index 3a2d888..159be07 100644
--- a/active/CVE-2021-23214
+++ b/active/CVE-2021-23214
@@ -97,4 +97,3 @@ hirsute_postgresql-9.1: DNE
97impish_postgresql-9.1: DNE97impish_postgresql-9.1: DNE
98jammy_postgresql-9.1: DNE98jammy_postgresql-9.1: DNE
99devel_postgresql-9.1: DNE99devel_postgresql-9.1: DNE
100upstream_postgresql: needs-triage
diff --git a/active/CVE-2021-23222 b/active/CVE-2021-23222
index 548670f..4e7954c 100644
--- a/active/CVE-2021-23222
+++ b/active/CVE-2021-23222
@@ -96,4 +96,3 @@ hirsute_postgresql-9.1: DNE
96impish_postgresql-9.1: DNE96impish_postgresql-9.1: DNE
97jammy_postgresql-9.1: DNE97jammy_postgresql-9.1: DNE
98devel_postgresql-9.1: DNE98devel_postgresql-9.1: DNE
99upstream_postgresql: needs-triage
diff --git a/active/CVE-2022-1552 b/active/CVE-2022-1552
index d9ac331..df10fe1 100644
--- a/active/CVE-2022-1552
+++ b/active/CVE-2022-1552
@@ -97,5 +97,3 @@ focal_postgresql-9.1: DNE
97impish_postgresql-9.1: DNE97impish_postgresql-9.1: DNE
98jammy_postgresql-9.1: DNE98jammy_postgresql-9.1: DNE
99devel_postgresql-9.1: DNE99devel_postgresql-9.1: DNE
100Patches_postrgesql:
101upstream_postrgesql: needs-triage
diff --git a/retired/CVE-2007-4351 b/retired/CVE-2007-4351
index dffc1ba..c3b6482 100644
--- a/retired/CVE-2007-4351
+++ b/retired/CVE-2007-4351
@@ -16,7 +16,7 @@ Discovered-by:
16Assigned-to: kees16Assigned-to: kees
17CVSS: 17CVSS:
18upstream_cupsys: released (1.3.4)18upstream_cupsys: released (1.3.4)
19Tags_cups_gutsy: apparmor19Tags_cupsys_gutsy: apparmor
20dapper_cupsys: released (1.2.2-0ubuntu0.6.06.4)20dapper_cupsys: released (1.2.2-0ubuntu0.6.06.4)
21edgy_cupsys: released (1.2.4-2ubuntu3.1)21edgy_cupsys: released (1.2.4-2ubuntu3.1)
22feisty_cupsys: released (1.2.8-0ubuntu8.1)22feisty_cupsys: released (1.2.8-0ubuntu8.1)
diff --git a/retired/CVE-2008-4098 b/retired/CVE-2008-4098
index 121f267..cb4bbe8 100644
--- a/retired/CVE-2008-4098
+++ b/retired/CVE-2008-4098
@@ -36,4 +36,4 @@ devel_mysql-dfsg-5.0: not-affected (5.1.30really5.0.83-0ubuntu3)
36Tags_mysql-dfsg-5.0_hardy: apparmor36Tags_mysql-dfsg-5.0_hardy: apparmor
37Tags_mysql-dfsg-5.0_intrepid: apparmor37Tags_mysql-dfsg-5.0_intrepid: apparmor
38Tags_mysql-dfsg-5.0_jaunty: apparmor38Tags_mysql-dfsg-5.0_jaunty: apparmor
39Tags_mysql-dfsg-5.1_karmic: apparmor39Tags_mysql-dfsg-5.0_karmic: apparmor
diff --git a/retired/CVE-2010-1850 b/retired/CVE-2010-1850
index 633efb8..0a2974e 100644
--- a/retired/CVE-2010-1850
+++ b/retired/CVE-2010-1850
@@ -26,6 +26,7 @@ Patches_mysql-dfsg-5.0:
26upstream_mysql-dfsg-5.0: released (5.0.91)26upstream_mysql-dfsg-5.0: released (5.0.91)
27dapper_mysql-dfsg-5.0: released (5.0.22-0ubuntu6.06.14)27dapper_mysql-dfsg-5.0: released (5.0.22-0ubuntu6.06.14)
28hardy_mysql-dfsg-5.0: released (5.0.51a-3ubuntu5.7)28hardy_mysql-dfsg-5.0: released (5.0.51a-3ubuntu5.7)
29intrepid_mysql-dfsg-5.0: ignored (reached end-of-life)
29jaunty_mysql-dfsg-5.0: released (5.1.30really5.0.75-0ubuntu10.5)30jaunty_mysql-dfsg-5.0: released (5.1.30really5.0.75-0ubuntu10.5)
30karmic_mysql-dfsg-5.0: ignored (reached end-of-life)31karmic_mysql-dfsg-5.0: ignored (reached end-of-life)
31lucid_mysql-dfsg-5.0: DNE32lucid_mysql-dfsg-5.0: DNE
@@ -45,6 +46,7 @@ maverick_mysql-dfsg-5.1: DNE
45natty_mysql-dfsg-5.1: DNE46natty_mysql-dfsg-5.1: DNE
46devel_mysql-dfsg-5.1: DNE47devel_mysql-dfsg-5.1: DNE
4748
49Patches_mysql-5.1:
48upstream_mysql-5.1: needs-triage50upstream_mysql-5.1: needs-triage
49dapper_mysql-5.1: DNE51dapper_mysql-5.1: DNE
50hardy_mysql-5.1: DNE52hardy_mysql-5.1: DNE
diff --git a/retired/CVE-2011-1837 b/retired/CVE-2011-1837
index 968d19c..4ee0368 100644
--- a/retired/CVE-2011-1837
+++ b/retired/CVE-2011-1837
@@ -26,4 +26,5 @@ hardy_ecryptfs-utils: not-affected (code not present)
26lucid_ecryptfs-utils: released (83-0ubuntu3.2.10.04.1)26lucid_ecryptfs-utils: released (83-0ubuntu3.2.10.04.1)
27maverick_ecryptfs-utils: released (83-0ubuntu3.2.10.10.1)27maverick_ecryptfs-utils: released (83-0ubuntu3.2.10.10.1)
28natty_ecryptfs-utils: released (87-0ubuntu1.1)28natty_ecryptfs-utils: released (87-0ubuntu1.1)
29oneiric_ecryptfs-utils: released (89-0ubuntu2)
29devel_ecryptfs-utils: released (89-0ubuntu2)30devel_ecryptfs-utils: released (89-0ubuntu2)
diff --git a/retired/CVE-2012-0809 b/retired/CVE-2012-0809
index 745c094..b06d466 100644
--- a/retired/CVE-2012-0809
+++ b/retired/CVE-2012-0809
@@ -26,4 +26,5 @@ lucid_sudo: not-affected
26maverick_sudo: not-affected26maverick_sudo: not-affected
27natty_sudo: not-affected27natty_sudo: not-affected
28oneiric_sudo: not-affected (1.7.4p6-1ubuntu2)28oneiric_sudo: not-affected (1.7.4p6-1ubuntu2)
29precise_sudo: released (1.8.3p1-1ubuntu3)
29devel_sudo: released (1.8.3p1-1ubuntu3)30devel_sudo: released (1.8.3p1-1ubuntu3)
diff --git a/retired/CVE-2012-3410 b/retired/CVE-2012-3410
index 866389b..8851e52 100644
--- a/retired/CVE-2012-3410
+++ b/retired/CVE-2012-3410
@@ -21,7 +21,7 @@ Assigned-to:
21CVSS: 21CVSS:
2222
23Tags_bash: fortify-source23Tags_bash: fortify-source
24Tags_hardy_bash: stack-protector24Tags_bash_hardy: stack-protector
25Patches_bash:25Patches_bash:
26 other: ftp://ftp.gnu.org/pub/gnu/bash/bash-4.2-patches/bash42-03326 other: ftp://ftp.gnu.org/pub/gnu/bash/bash-4.2-patches/bash42-033
27upstream_bash: released (4.2-4)27upstream_bash: released (4.2-4)

Subscribers

People subscribed via source and target branches