Distros list data for 2022

The data here is unfortunately incomplete and unreliable, resulting from automated processing of input that wasn't meant to be fully machine-readable.

Project	Subject	Reported	Coordinated Release Date	Time of oss-security posting	CVE(s)	Days embargoed (scheduled)	Days embargoed (oss-security)
December
	Re: Preview of X.Org Security Advisory for 2022-12-14	2022-12-05T23:28:51+00:00	2022-12-12T23:28:51+00:00	2022-12-14T01:23:51+00:00	CVE-2022-4283 CVE-2022-46283 CVE-2022-46340 CVE-2022-46341 CVE-2022-46342 CVE-2022-46343 CVE-2022-46344	7.00	8.04
November
	rxvt-unicode RCE	2022-11-28T00:51:42+00:00	2022-12-05T00:51:42+00:00	2022-12-05T11:22:33+00:00	CVE-2022-4170	7.00	7.42
	Re: Security sensitive bug in the i915 kernel driver	2022-11-23T15:31:14+00:00	2022-11-30T15:31:14+00:00	2022-11-30T10:22:16+00:00	CVE-2022-0330 CVE-2022-4139	7.00	6.75
	Fwd: [Security]Use after free in staging	2022-11-16T17:16:46+00:00	2022-11-23T17:16:46+00:00	2022-11-18T03:58:55+00:00	CVE-2015-0571 CVE-2021-28660 CVE-2022-4095	7.00	1.42
October
	Upcoming Git security fix release	2022-10-12T17:47:38+00:00	2022-10-19T17:47:38+00:00	2022-10-18T17:25:09+00:00	CVE-2022-39253 CVE-2022-39260	7.00	5.96
	Re: CVE-2022-2602 - Linux kernel UAF	2022-10-11T14:38:03+00:00	2022-10-18T14:38:03+00:00	2022-10-18T16:59:51+00:00	CVE-2022-2602	7.00	7.08
	…	2022-10-03T16:57:49+00:00	2022-10-10T16:57:49+00:00	2022-10-05T16:29:06+00:00	CVE-2022-2928 CVE-2022-2929	7.00	1.96
September
	…	2022-09-20T06:51:45+00:00	2022-09-27T06:51:45+00:00	2022-09-21T09:46:28+00:00	CVE-2022-2795 CVE-2022-2881 CVE-2022-2906 CVE-2022-3080 CVE-2022-38177 CVE-2022-38178	7.00	1.08
August
	[report 2/?] Report vmalloc UAF in dvb-core/dmxdev	2022-08-29T15:58:58+00:00	2022-09-05T15:58:58+00:00	2022-09-23T19:06:01+00:00	CVE-2022-41218	7.00	25.12
pcs	PCS Security Issue	2022-08-25T14:44:38+00:00	2022-09-01T14:00:00+00:00	2022-09-01T14:00:58+00:00	CVE-2022-2735	6.96	6.96
DPDK	CVE-2022-2132 public disclosure date notice [vs-plain]	2022-08-25T08:44:16+00:00	2022-08-29T15:00:00+00:00	2022-08-29T18:12:18+00:00	CVE-2022-2132	4.25	4.38
curl	curl: control code in cookie denial of service	2022-08-22T06:45:35+00:00	2022-08-31T23:59:58+00:00	2022-08-31T06:31:44+00:00	CVE-2022-35252	9.71	8.96
open-vm-tools	[SECURITY EMBARGOED] CVE-2022-31676: Local privilege escalation vulnerability in open-vm-tools	2022-08-11T15:33:18+00:00	2022-08-23T23:59:59+00:00	2022-08-23T20:10:48+00:00	CVE-2022-31676	12.33	12.17
Linux	Linux NAT issue	2022-08-03T01:55:09+00:00	2022-08-10T01:55:09+00:00	2022-08-30T02:27:44+00:00	CVE-2022-2663	7.00	27.00
Linux	Re: CVE-2022-2586	2022-08-03T00:23:10+00:00	2022-08-09T17:00:00+00:00	2022-08-09T17:10:35+00:00	CVE-2022-2586	6.67	6.67
Linux	CVE-2022-2585	2022-08-03T00:15:25+00:00	2022-08-09T17:00:00+00:00	2022-08-09T17:13:40+00:00	CVE-2022-2585	6.67	6.67
Linux	class_route UAF report (was Re: CVE-2022-2588)	2022-08-02T19:58:24+00:00	2022-08-09T17:00:00+00:00	2022-08-09T17:11:54+00:00	CVE-2011-1019 CVE-2022-2588	6.88	6.88
July
Linux	Re: …	2022-07-31T18:16:32+00:00	2022-08-07T18:16:32+00:00	2022-08-08T07:18:27+00:00	CVE-2016-5195 CVE-2022-2590	7.00	7.54
rsync	…	2022-07-25T08:42:15+00:00	2022-08-01T08:42:15+00:00	2022-08-02T08:53:25+00:00	CVE-2019-6111 CVE-2022-29154	7.00	8.00
Linux	CVE-2022-21505: Kernel lockdown bypass bug.	2022-07-12T17:54:51+00:00	2022-07-19T17:54:51+00:00	2022-07-19T17:02:12+00:00	CVE-2022-21505	7.00	6.96
xorg	Preview of X.Org Security Advisory for 2022-07-12	2022-07-05T18:40:01+00:00	2022-07-12T18:40:01+00:00	2022-07-12T12:58:15+00:00	CVE-2022-2319 CVE-2022-2320	7.00	6.75
git	Upcoming Git security fix release	2022-07-04T21:34:29+00:00	2022-07-11T21:34:29+00:00	2022-07-14T00:13:18+00:00	CVE-2022-24765 CVE-2022-29187	7.00	9.08
June
curl	(4/4) curl: FTP-KRB bad message verification	2022-06-20T06:31:22+00:00	2022-06-27T06:31:22+00:00	2022-06-27T06:21:14+00:00	CVE-2022-32208	7.00	6.96
curl	(3/4) curl: Unpreserved file permissions	2022-06-20T06:31:16+00:00	2022-06-27T06:31:16+00:00	2022-06-27T06:20:42+00:00	CVE-2022-32207	7.00	6.96
curl	(2/4) curl: HTTP compression denial of service	2022-06-20T06:31:12+00:00	2022-06-27T06:31:12+00:00	2022-06-27T06:20:10+00:00	CVE-2022-32206	7.00	6.96
curl	(1/4) curl: Set-Cookie denial of service	2022-06-20T06:31:08+00:00	2022-06-27T06:31:08+00:00	2022-06-27T06:19:23+00:00	CVE-2022-32205	7.00	6.96
grub	GRUB vulnerabilities disclosure on June 7th 10AM PDT	2022-06-03T16:39:33+00:00	2022-06-10T16:39:33+00:00	2022-06-07T19:04:13+00:00	CVE-2021-3695 CVE-2021-3696 CVE-2021-3697 CVE-2022-21499 CVE-2022-28733 CVE-2022-28734 CVE-2022-28735 CVE-2022-28736 CVE-2022-28737	7.00	4.08
github.com/containerd/containerd	containerd GHSA-5ffw-gxpp-mxpf	2022-06-01T21:14:13+00:00	2022-06-08T21:14:13+00:00	2022-06-06T19:45:34+00:00	CVE-2022-31030	7.00	4.92
May
Linux	linux-kernel: A use-after-free in __lock_acquire	2022-05-31T03:08:52+00:00	2022-06-07T03:08:52+00:00	2022-06-14T01:07:55+00:00	CVE-2022-1976	7.00	13.88
Linux	Out-of-bounds write vulnerability in nftable can lead to privilege escalation	2022-05-27T19:16:39+00:00	2022-06-03T19:16:39+00:00	2022-06-02T02:21:36+00:00	CVE-2022-1972	7.00	5.29
Linux	linux-kernel: A double-free in ntfs3 log_replay	2022-05-27T14:26:57+00:00	2022-06-03T14:26:57+00:00	2022-06-08T02:17:36+00:00	CVE-2022-1973	7.00	11.46
Linux	A race condition vulnerability in drivers/tty/tty_buffers.c	2022-05-26T21:37:00+00:00	2022-06-02T21:37:00+00:00	2022-05-27T14:47:05+00:00	CVE-2022-1462	7.00	0.71
Linux	EXTERNAL: Re: [vs-plain] Linux Kernel Vulnerability	2022-05-26T08:46:48+00:00	2022-06-02T08:46:48+00:00	2022-06-03T06:31:41+00:00	CVE-2022-1966	7.00	7.88
logrotate	Re: …	2022-05-25T13:19:31+00:00	2022-06-01T13:19:31+00:00	2022-05-25T13:37:24+00:00	CVE-2022-1348	7.00	0.00
March
Linux	Vulnerability in nf_tables can cause privilege escalation	2022-03-17T02:08:11+00:00	2022-03-24T02:08:11+00:00	2022-08-25T13:28:56+00:00	CVE-2022-1015 CVE-2022-1016	7.00	161.46¹⁾
Linux	CVE-2022-0847: overwriting read-only files on Linux	2022-03-07T12:01:19+00:00	2022-03-14T12:01:19+00:00	2022-08-08T07:18:27+00:00	CVE-2016-5195 CVE-2022-0847	7.00	153.79²⁾
February
Linux	Vulnerability in Linux kernels until 5.6.11	2022-02-28T08:20:32+00:00	2022-03-07T08:20:32+00:00	2022-03-07T12:01:19+00:00	CVE-2022-0847	7.00	7.12
January
Linux	Re: Vulnerability in the vmwgfx driver	2022-01-21T12:07:12+00:00	2022-01-28T12:07:12+00:00	2022-01-27T20:00:19+00:00	CVE-2022-22942	7.00	6.29
Linux	Re: Security sensitive bug in the i915 kernel driver	2022-01-18T14:32:16+00:00	2022-01-25T14:32:16+00:00	2022-01-25T17:55:25+00:00	CVE-2022-0330	7.00	7.12
rust	Re: CVE-2022-21658: TOCTOU in Rust's std::fs::remove_dir_all	2022-01-17T11:29:52+00:00	2022-01-24T11:29:52+00:00	2022-01-20T11:02:55+00:00	CVE-2021-3997 CVE-2022-21658	7.00	2.96
aide	Re: UNCHECKED CVE-2021-45417 - aide: heap-based buffer overflow vulnerability in base64 functions	2022-01-16T13:00:34+00:00	2022-01-23T13:00:34+00:00	2022-01-20T16:35:22+00:00	CVE-2021-45417	7.00	4.12
usbview	usbview polkit policy local root exploit (CVE-2022-23220)	2022-01-13T13:30:52+00:00	2022-01-20T13:30:52+00:00	2022-01-21T14:33:50+00:00	CVE-2022-23220	7.00	8.04
prosody	Re: Prosody XMPP Server 0.11.x Unauthenticated Remote Denial of Service / Resource Exhaustion	2022-01-12T07:58:16+00:00	2022-01-19T07:58:16+00:00	2022-01-13T17:07:44+00:00	CVE-2022-0217	7.00	1.38
polkit	Re: CVE-2021-4034 (patch)	2022-01-12T00:01:39+00:00	2022-01-19T00:01:39+00:00	2022-01-25T18:04:49+00:00	CVE-2021-4034	7.00	13.75
Linux	Out-of-bounds write of heap buffer in fs_context.c leads to LPE and container escape	2022-01-11T09:01:05+00:00	2022-01-18T09:01:05+00:00	2022-01-18T18:57:57+00:00	CVE-2022-0185 CVE-2022-0216	7.00	7.38
cryptsetup	Re: LUKS2 / cryptsetup: CVE-2021-4122 disabling encryption via header rewrite	2022-01-07T10:15:50+00:00	2022-01-14T10:15:50+00:00	2022-01-13T10:10:00+00:00	CVE-2021-4122	7.00	5.96
systemd	Re: CVE-2021-3997 in systemd	2022-01-04T07:14:29+00:00	2022-01-11T07:14:29+00:00	2022-01-11T00:01:34+00:00	CVE-2021-3997	7.00	6.67
Linux	Linux kernel: CVE-2021-4155	2022-01-03T17:32:24+00:00	2022-01-10T17:32:24+00:00	2022-01-10T12:19:47+00:00	CVE-2021-4155	7.00	6.75

¹⁾ This is not for real - a much later follow-up oss-security posting was wrongly picked up when automatically generating this data, whereas the original was apparently on March 28

²⁾ This is not for real - a much earlier linux-distros posting was wrongly picked up when automatically generating this data