There are 2 open security issues in bullseye.
2 issues left for the package maintainer to handle:
- CVE-2022-39831:
(needs triaging)
An issue was discovered in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact. This issue is different from CVE-2018-20230.
- CVE-2022-39832:
(needs triaging)
An issue was discovered in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_string in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
You can find information about how to handle these issues in the security team's documentation.