Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

gsasl: Out-of-bound-read before version 2.0.1 #4588

Open
CamberLoid opened this issue Jun 20, 2023 · 0 comments
Open

gsasl: Out-of-bound-read before version 2.0.1 #4588

CamberLoid opened this issue Jun 20, 2023 · 0 comments
Assignees
@CamberLoid
Labels
security Topic/issue involves a security issue/fixed

Comments

@CamberLoid
Copy link
Member

CVE IDs

CVE-2022-2469

Other security advisory IDs

Debian: https://www.debian.org/security/2022/dsa-5189

Description

A out-of-bound read vulnerability of GNU SASL gsasl has been discovered and reported.
As this package is not in our core system component, and only affect server-side, this issue will only be considered "Low Severity" and is subjected to be fixed on next roll-up security topic.

Patches

Update to upstream latest 2.2.0

PoC(s)

N/A
@CamberLoid CamberLoid added the security Topic/issue involves a security issue/fixed label Jun 20, 2023
@CamberLoid CamberLoid added this to the Semi-Annually Security Survey 2023H1 milestone Jun 20, 2023
@CamberLoid CamberLoid self-assigned this Jun 20, 2023
@MingcongBai MingcongBai removed this from the Semi-Annually Security Survey 2023H1 milestone Mar 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@CamberLoid CamberLoid

Labels
security Topic/issue involves a security issue/fixed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MingcongBai @CamberLoid