[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Fri Apr 2 21:10:45 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a3e05295 by security tracker role at 2021-04-02T20:10:36+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,239 @@
+CVE-2021-30124
+ RESERVED
+CVE-2021-30123
+ RESERVED
+CVE-2021-30122
+ RESERVED
+CVE-2021-30121
+ RESERVED
+CVE-2021-30120
+ RESERVED
+CVE-2021-30119
+ RESERVED
+CVE-2021-30118
+ RESERVED
+CVE-2021-30117
+ RESERVED
+CVE-2021-30116
+ RESERVED
+CVE-2021-30115
+ RESERVED
+CVE-2021-30114
+ RESERVED
+CVE-2021-30113
+ RESERVED
+CVE-2021-30112
+ RESERVED
+CVE-2021-30111
+ RESERVED
+CVE-2021-30110
+ RESERVED
+CVE-2021-30109
+ RESERVED
+CVE-2021-30108
+ RESERVED
+CVE-2021-30107
+ RESERVED
+CVE-2021-30106
+ RESERVED
+CVE-2021-30105
+ RESERVED
+CVE-2021-30104
+ RESERVED
+CVE-2021-30103
+ RESERVED
+CVE-2021-30102
+ RESERVED
+CVE-2021-30101
+ RESERVED
+CVE-2021-30100
+ RESERVED
+CVE-2021-30099
+ RESERVED
+CVE-2021-30098
+ RESERVED
+CVE-2021-30097
+ RESERVED
+CVE-2021-30096
+ RESERVED
+CVE-2021-30095
+ RESERVED
+CVE-2021-30094
+ RESERVED
+CVE-2021-30093
+ RESERVED
+CVE-2021-30092
+ RESERVED
+CVE-2021-30091
+ RESERVED
+CVE-2021-30090
+ RESERVED
+CVE-2021-30089
+ RESERVED
+CVE-2021-30088
+ RESERVED
+CVE-2021-30087
+ RESERVED
+CVE-2021-30086
+ RESERVED
+CVE-2021-30085
+ RESERVED
+CVE-2021-30084
+ RESERVED
+CVE-2021-30083
+ RESERVED
+CVE-2021-30082
+ RESERVED
+CVE-2021-30081
+ RESERVED
+CVE-2021-30080
+ RESERVED
+CVE-2021-30079
+ RESERVED
+CVE-2021-30078
+ RESERVED
+CVE-2021-30077
+ RESERVED
+CVE-2021-30076
+ RESERVED
+CVE-2021-30075
+ RESERVED
+CVE-2021-30074
+ RESERVED
+CVE-2021-30073
+ RESERVED
+CVE-2021-30072
+ RESERVED
+CVE-2021-30071
+ RESERVED
+CVE-2021-30070
+ RESERVED
+CVE-2021-30069
+ RESERVED
+CVE-2021-30068
+ RESERVED
+CVE-2021-30067
+ RESERVED
+CVE-2021-30066
+ RESERVED
+CVE-2021-30065
+ RESERVED
+CVE-2021-30064
+ RESERVED
+CVE-2021-30063
+ RESERVED
+CVE-2021-30062
+ RESERVED
+CVE-2021-30061
+ RESERVED
+CVE-2021-30060
+ RESERVED
+CVE-2021-30059
+ RESERVED
+CVE-2021-30058
+ RESERVED
+CVE-2021-30057
+ RESERVED
+CVE-2021-30056
+ RESERVED
+CVE-2021-30055
+ RESERVED
+CVE-2021-30054
+ RESERVED
+CVE-2021-30053
+ RESERVED
+CVE-2021-30052
+ RESERVED
+CVE-2021-30051
+ RESERVED
+CVE-2021-30050
+ RESERVED
+CVE-2021-30049
+ RESERVED
+CVE-2021-30048
+ RESERVED
+CVE-2021-30047
+ RESERVED
+CVE-2021-30046
+ RESERVED
+CVE-2021-30045
+ RESERVED
+CVE-2021-30044
+ RESERVED
+CVE-2021-30043
+ RESERVED
+CVE-2021-30042
+ RESERVED
+CVE-2021-30041
+ RESERVED
+CVE-2021-30040
+ RESERVED
+CVE-2021-30039
+ RESERVED
+CVE-2021-30038
+ RESERVED
+CVE-2021-30037
+ RESERVED
+CVE-2021-30036
+ RESERVED
+CVE-2021-30035
+ RESERVED
+CVE-2021-30034
+ RESERVED
+CVE-2021-30033
+ RESERVED
+CVE-2021-30032
+ RESERVED
+CVE-2021-30031
+ RESERVED
+CVE-2021-30030
+ RESERVED
+CVE-2021-30029
+ RESERVED
+CVE-2021-30028
+ RESERVED
+CVE-2021-30027
+ RESERVED
+CVE-2021-30026
+ RESERVED
+CVE-2021-30025
+ RESERVED
+CVE-2021-30024
+ RESERVED
+CVE-2021-30023
+ RESERVED
+CVE-2021-30022
+ RESERVED
+CVE-2021-30021
+ RESERVED
+CVE-2021-30020
+ RESERVED
+CVE-2021-30019
+ RESERVED
+CVE-2021-30018
+ RESERVED
+CVE-2021-30017
+ RESERVED
+CVE-2021-30016
+ RESERVED
+CVE-2021-30015
+ RESERVED
+CVE-2021-30014
+ RESERVED
+CVE-2021-30013
+ RESERVED
+CVE-2021-30012
+ RESERVED
+CVE-2021-30011
+ RESERVED
+CVE-2021-30010
+ RESERVED
+CVE-2021-30009
+ RESERVED
+CVE-2021-30008
+ RESERVED
+CVE-2021-30007
+ RESERVED
CVE-2021-30006
RESERVED
CVE-2021-30005
@@ -9,8 +245,8 @@ CVE-2021-30003 (An issue was discovered on Nokia G-120W-F 3FE46606AGAB91 devices
NOT-FOR-US: Nokia G-120W-F 3FE46606AGAB91 devices
CVE-2021-30001
RESERVED
-CVE-2021-30000
- RESERVED
+CVE-2021-30000 (An issue was discovered in LATRIX 0.6.0. SQL injection in the txtacces ...)
+ TODO: check
CVE-2021-29999
RESERVED
CVE-2021-29998
@@ -740,10 +976,10 @@ CVE-2020-36286 (The membersOf JQL search function in Jira Server and Data Center
NOT-FOR-US: Atlassian
CVE-2021-29663 (CourseMS (aka Course Registration Management System) 2.1 is affected b ...)
NOT-FOR-US: CourseMS (aka Course Registration Management System)
-CVE-2021-29661
- RESERVED
-CVE-2021-29660
- RESERVED
+CVE-2021-29661 (Softing AG OPC Toolbox through 4.10.1.13035 allows /en/diag_values.htm ...)
+ TODO: check
+CVE-2021-29660 (A Cross-Site Request Forgery (CSRF) vulnerability in en/cfg_setpwd.htm ...)
+ TODO: check
CVE-2021-29659
RESERVED
CVE-2021-29658 (The unofficial vscode-rufo extension before 0.0.4 for Visual Studio Co ...)
@@ -762,10 +998,10 @@ CVE-2021-29654
RESERVED
CVE-2021-29653
RESERVED
-CVE-2021-29652
- RESERVED
-CVE-2021-29651
- RESERVED
+CVE-2021-29652 (Pomerium from version 0.10.0-0.13.3 has an Open Redirect in the user s ...)
+ TODO: check
+CVE-2021-29651 (Pomerium before 0.13.4 has an Open Redirect (issue 1 of 2). ...)
+ TODO: check
CVE-2021-29650 (An issue was discovered in the Linux kernel before 5.11.11. The netfil ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/175e476b8cdf2a4de7432583b49c871345e4f8a1
@@ -2169,10 +2405,10 @@ CVE-2021-29014
RESERVED
CVE-2021-29013
RESERVED
-CVE-2021-29012
- RESERVED
-CVE-2021-29011
- RESERVED
+CVE-2021-29012 (DMA Softlab Radius Manager 4.4.0 assigns the same session cookie to ev ...)
+ TODO: check
+CVE-2021-29011 (DMA Softlab Radius Manager 4.4.0 is affected by Cross Site Scripting ( ...)
+ TODO: check
CVE-2021-29010 (A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows remote at ...)
NOT-FOR-US: SEO Panel
CVE-2021-29009 (A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows remote at ...)
@@ -2348,8 +2584,8 @@ CVE-2021-28942
RESERVED
CVE-2021-28941
RESERVED
-CVE-2021-28940
- RESERVED
+CVE-2021-28940 (Because of a incorrect escaped exec command in MagpieRSS in 0.72 in th ...)
+ TODO: check
CVE-2021-28939
RESERVED
CVE-2021-28938
@@ -4156,10 +4392,10 @@ CVE-2021-28126 (index.jsp in TranzWare e-Commerce Payment Gateway (TWEC PG) befo
NOT-FOR-US: TranzWare e-Commerce Payment Gateway (TWEC PG)
CVE-2021-28125
RESERVED
-CVE-2021-28124
- RESERVED
-CVE-2021-28123
- RESERVED
+CVE-2021-28124 (A man-in-the-middle vulnerability in Cohesity DataPlatform support cha ...)
+ TODO: check
+CVE-2021-28123 (Undocumented Default Cryptographic Key Vulnerability in Cohesity DataP ...)
+ TODO: check
CVE-2021-28122 (A request-validation issue was discovered in Open5GS 2.1.3 through 2.2 ...)
NOT-FOR-US: Open5GS
CVE-2021-28121
@@ -4188,8 +4424,8 @@ CVE-2021-28115 (The OUGC Feedback plugin before 1.8.23 for MyBB allows XSS via t
NOT-FOR-US: MyBB addon
CVE-2021-28114
RESERVED
-CVE-2021-28113
- RESERVED
+CVE-2021-28113 (A command injection vulnerability in the cookieDomain and relayDomain ...)
+ TODO: check
CVE-2021-28112
RESERVED
CVE-2021-28111
@@ -4551,8 +4787,8 @@ CVE-2021-27975
RESERVED
CVE-2021-27974
RESERVED
-CVE-2021-27973
- RESERVED
+CVE-2021-27973 (SQL injection exists in Piwigo before 11.4.0 via the language paramete ...)
+ TODO: check
CVE-2021-27972
RESERVED
CVE-2021-27971
@@ -7885,8 +8121,8 @@ CVE-2021-3376
RESERVED
CVE-2021-3375 (ActivePresenter 6.1.6 is affected by a memory corruption vulnerability ...)
NOT-FOR-US: ActivePresenter
-CVE-2021-3374
- RESERVED
+CVE-2021-3374 (Directory traversal in RStudio Shiny Server before 1.5.16 allows attac ...)
+ TODO: check
CVE-2021-3373
RESERVED
CVE-2021-3372
@@ -9711,10 +9947,10 @@ CVE-2021-25896
RESERVED
CVE-2021-25895
RESERVED
-CVE-2021-25894
- RESERVED
-CVE-2021-25893
- RESERVED
+CVE-2021-25894 (Magnolia CMS contains a stored cross-site scripting (XSS) vulnerabilit ...)
+ TODO: check
+CVE-2021-25893 (Magnolia CMS From 6.1.3 to 6.2.3 contains a stored cross-site scriptin ...)
+ TODO: check
CVE-2021-25892
RESERVED
CVE-2021-25891
@@ -16267,8 +16503,8 @@ CVE-2021-22867
RESERVED
CVE-2021-22866
RESERVED
-CVE-2021-22865
- RESERVED
+CVE-2021-22865 (An improper access control vulnerability was identified in GitHub Ente ...)
+ TODO: check
CVE-2021-22864 (A remote code execution vulnerability was identified in GitHub Enterpr ...)
NOT-FOR-US: GitHub Enterprise
CVE-2021-22863 (An improper access control vulnerability was identified in the GitHub ...)
@@ -16702,8 +16938,7 @@ CVE-2021-3028 (git-big-picture before 1.0.0 mishandles ' characters in a branch
[buster] - git-big-picture <no-dsa> (Minor issue)
[stretch] - git-big-picture <no-dsa> (Minor issue)
NOTE: https://github.com/git-big-picture/git-big-picture/pull/62
-CVE-2021-22696
- RESERVED
+CVE-2021-22696 (CXF supports (via JwtRequestCodeFilter) passing OAuth 2 parameters via ...)
NOT-FOR-US: Apache CXF
CVE-2020-36177 (RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-o ...)
- wolfssl 4.6.0-1 (bug #979534)
@@ -17747,22 +17982,22 @@ CVE-2021-22205
RESERVED
CVE-2021-22204
RESERVED
-CVE-2021-22203
- RESERVED
-CVE-2021-22202
- RESERVED
-CVE-2021-22201
- RESERVED
-CVE-2021-22200
- RESERVED
+CVE-2021-22203 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
+ TODO: check
+CVE-2021-22202 (An issue has been discovered in GitLab CE/EE affecting all previous ve ...)
+ TODO: check
+CVE-2021-22201 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
+ TODO: check
+CVE-2021-22200 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
+ TODO: check
CVE-2021-22199
RESERVED
-CVE-2021-22198
- RESERVED
-CVE-2021-22197
- RESERVED
-CVE-2021-22196
- RESERVED
+CVE-2021-22198 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
+ TODO: check
+CVE-2021-22197 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
+ TODO: check
+CVE-2021-22196 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
+ TODO: check
CVE-2021-22195 (Client side code execution in gitlab-vscode-extension v3.15.0 and earl ...)
TODO: check
CVE-2021-22194 (In all versions of GitLab starting from 13.7, marshalled session keys ...)
@@ -20676,8 +20911,8 @@ CVE-2021-21401 (Nanopb is a small code-size Protocol Buffers implementation in a
- nanopb <unfixed> (bug #985844)
NOTE: https://github.com/nanopb/nanopb/security/advisories/GHSA-7mv5-5mxh-qg88
NOTE: https://github.com/nanopb/nanopb/commit/e2f0ccf939d9f82931d085acb6df8e9a182a4261
-CVE-2021-21400
- RESERVED
+CVE-2021-21400 (wire-webapp is an open-source front end for Wire, a secure collaborati ...)
+ TODO: check
CVE-2021-21399
RESERVED
CVE-2021-21398 (PrestaShop is a fully scalable open source e-commerce solution. In Pre ...)
@@ -26638,8 +26873,8 @@ CVE-2021-1881
RESERVED
CVE-2021-1880
RESERVED
-CVE-2021-1879
- RESERVED
+CVE-2021-1879 (This issue was addressed by improved management of object lifetimes. T ...)
+ TODO: check
CVE-2021-1878
RESERVED
CVE-2021-1877
@@ -26654,14 +26889,12 @@ CVE-2021-1873
RESERVED
CVE-2021-1872
RESERVED
-CVE-2021-1871
- RESERVED
+CVE-2021-1871 (A logic issue was addressed with improved restrictions. This issue is ...)
- webkit2gtk <unfixed>
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
- wpewebkit <unfixed>
NOTE: https://webkitgtk.org/security/WSA-2021-0003.html
-CVE-2021-1870
- RESERVED
+CVE-2021-1870 (A logic issue was addressed with improved restrictions. This issue is ...)
{DSA-4877-1}
- webkit2gtk 2.30.6-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
@@ -26717,8 +26950,7 @@ CVE-2021-1846
RESERVED
CVE-2021-1845
RESERVED
-CVE-2021-1844
- RESERVED
+CVE-2021-1844 (A memory corruption issue was addressed with improved validation. This ...)
- webkit2gtk <unfixed>
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
- wpewebkit <unfixed>
@@ -26773,8 +27005,8 @@ CVE-2021-1820
RESERVED
CVE-2021-1819
RESERVED
-CVE-2021-1818
- RESERVED
+CVE-2021-1818 (A logic issue was addressed with improved state management. This issue ...)
+ TODO: check
CVE-2021-1817
RESERVED
CVE-2021-1816
@@ -26797,27 +27029,25 @@ CVE-2021-1808
RESERVED
CVE-2021-1807
RESERVED
-CVE-2021-1806
- RESERVED
-CVE-2021-1805
- RESERVED
+CVE-2021-1806 (A race condition was addressed with additional validation. This issue ...)
+ TODO: check
+CVE-2021-1805 (An out-of-bounds write was addressed with improved input validation. T ...)
+ TODO: check
CVE-2021-1804
RESERVED
-CVE-2021-1803
- RESERVED
-CVE-2021-1802
- RESERVED
-CVE-2021-1801
- RESERVED
+CVE-2021-1803 (The issue was addressed with improved permissions logic. This issue is ...)
+ TODO: check
+CVE-2021-1802 (A logic issue was addressed with improved state management. This issue ...)
+ TODO: check
+CVE-2021-1801 (This issue was addressed with improved iframe sandbox enforcement. Thi ...)
{DSA-4877-1}
- webkit2gtk 2.30.6-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
- wpewebkit 2.30.6-1
NOTE: https://webkitgtk.org/security/WSA-2021-0002.html
-CVE-2021-1800
- RESERVED
-CVE-2021-1799
- RESERVED
+CVE-2021-1800 (A path handling issue was addressed with improved validation. This iss ...)
+ TODO: check
+CVE-2021-1799 (A port redirection issue was addressed with additional port validation ...)
{DSA-4877-1}
- webkit2gtk 2.30.6-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
@@ -26825,144 +27055,141 @@ CVE-2021-1799
NOTE: https://webkitgtk.org/security/WSA-2021-0002.html
CVE-2021-1798
RESERVED
-CVE-2021-1797
- RESERVED
-CVE-2021-1796
- RESERVED
-CVE-2021-1795
- RESERVED
-CVE-2021-1794
- RESERVED
-CVE-2021-1793
- RESERVED
-CVE-2021-1792
- RESERVED
-CVE-2021-1791
- RESERVED
-CVE-2021-1790
- RESERVED
-CVE-2021-1789
- RESERVED
+CVE-2021-1797 (The issue was addressed with improved permissions logic. This issue is ...)
+ TODO: check
+CVE-2021-1796 (An out-of-bounds write was addressed with improved input validation. T ...)
+ TODO: check
+CVE-2021-1795 (An out-of-bounds write was addressed with improved input validation. T ...)
+ TODO: check
+CVE-2021-1794 (An out-of-bounds read was addressed with improved input validation. Th ...)
+ TODO: check
+CVE-2021-1793 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
+CVE-2021-1792 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
+ TODO: check
+CVE-2021-1791 (An out-of-bounds read issue existed that led to the disclosure of kern ...)
+ TODO: check
+CVE-2021-1790 (An out-of-bounds read was addressed with improved input validation. Th ...)
+ TODO: check
+CVE-2021-1789 (A type confusion issue was addressed with improved state handling. Thi ...)
{DSA-4877-1}
- webkit2gtk 2.30.6-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
- wpewebkit 2.30.6-1
NOTE: https://webkitgtk.org/security/WSA-2021-0002.html
-CVE-2021-1788
- RESERVED
+CVE-2021-1788 (A use after free issue was addressed with improved memory management. ...)
- webkit2gtk <unfixed>
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
- wpewebkit <unfixed>
NOTE: https://webkitgtk.org/security/WSA-2021-0003.html
-CVE-2021-1787
- RESERVED
-CVE-2021-1786
- RESERVED
-CVE-2021-1785
- RESERVED
+CVE-2021-1787 (Multiple issues were addressed with improved logic. This issue is fixe ...)
+ TODO: check
+CVE-2021-1786 (A logic issue was addressed with improved state management. This issue ...)
+ TODO: check
+CVE-2021-1785 (An out-of-bounds read was addressed with improved input validation. Th ...)
+ TODO: check
CVE-2021-1784
RESERVED
-CVE-2021-1783
- RESERVED
-CVE-2021-1782
- RESERVED
-CVE-2021-1781
- RESERVED
-CVE-2021-1780
- RESERVED
-CVE-2021-1779
- RESERVED
-CVE-2021-1778
- RESERVED
-CVE-2021-1777
- RESERVED
-CVE-2021-1776
- RESERVED
-CVE-2021-1775
- RESERVED
-CVE-2021-1774
- RESERVED
-CVE-2021-1773
- RESERVED
-CVE-2021-1772
- RESERVED
-CVE-2021-1771
- RESERVED
+CVE-2021-1783 (An access issue was addressed with improved memory management. This is ...)
+ TODO: check
+CVE-2021-1782 (A race condition was addressed with improved locking. This issue is fi ...)
+ TODO: check
+CVE-2021-1781 (A privacy issue existed in the handling of Contact cards. This was add ...)
+ TODO: check
+CVE-2021-1780 (A memory initialization issue was addressed with improved memory handl ...)
+ TODO: check
+CVE-2021-1779 (A logic error in kext loading was addressed with improved state handli ...)
+ TODO: check
+CVE-2021-1778 (An out-of-bounds read issue existed in the curl. This issue was addres ...)
+ TODO: check
+CVE-2021-1777 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
+CVE-2021-1776 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
+CVE-2021-1775 (This issue was addressed by removing the vulnerable code. This issue i ...)
+ TODO: check
+CVE-2021-1774 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
+CVE-2021-1773 (A logic issue was addressed with improved state management. This issue ...)
+ TODO: check
+CVE-2021-1772 (A stack overflow was addressed with improved input validation. This is ...)
+ TODO: check
+CVE-2021-1771 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
CVE-2021-1770
RESERVED
-CVE-2021-1769
- RESERVED
-CVE-2021-1768
- RESERVED
-CVE-2021-1767
- RESERVED
-CVE-2021-1766
- RESERVED
-CVE-2021-1765
- RESERVED
+CVE-2021-1769 (A logic issue was addressed with improved validation. This issue is fi ...)
+ TODO: check
+CVE-2021-1768 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
+ TODO: check
+CVE-2021-1767 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
+CVE-2021-1766 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
+CVE-2021-1765 (This issue was addressed with improved iframe sandbox enforcement. Thi ...)
{DSA-4877-1}
- webkit2gtk 2.30.6-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
- wpewebkit 2.30.6-1
NOTE: https://webkitgtk.org/security/WSA-2021-0002.html
-CVE-2021-1764
- RESERVED
-CVE-2021-1763
- RESERVED
+CVE-2021-1764 (A use after free issue was addressed with improved memory management. ...)
+ TODO: check
+CVE-2021-1763 (A buffer overflow was addressed with improved bounds checking. This is ...)
+ TODO: check
CVE-2021-1762
RESERVED
-CVE-2021-1761
- RESERVED
-CVE-2021-1760
- RESERVED
-CVE-2021-1759
- RESERVED
-CVE-2021-1758
- RESERVED
-CVE-2021-1757
- RESERVED
-CVE-2021-1756
- RESERVED
-CVE-2021-1755
- RESERVED
-CVE-2021-1754
- RESERVED
-CVE-2021-1753
- RESERVED
+CVE-2021-1761 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
+CVE-2021-1760 (A memory corruption issue was addressed with improved state management ...)
+ TODO: check
+CVE-2021-1759 (An out-of-bounds read was addressed with improved input validation. Th ...)
+ TODO: check
+CVE-2021-1758 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
+ TODO: check
+CVE-2021-1757 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
+ TODO: check
+CVE-2021-1756 (A lock screen issue allowed access to contacts on a locked device. Thi ...)
+ TODO: check
+CVE-2021-1755 (A lock screen issue allowed access to contacts on a locked device. Thi ...)
+ TODO: check
+CVE-2021-1754 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
+CVE-2021-1753 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
+ TODO: check
CVE-2021-1752
RESERVED
-CVE-2021-1751
- RESERVED
-CVE-2021-1750
- RESERVED
+CVE-2021-1751 (A logic issue was addressed with improved state management. This issue ...)
+ TODO: check
+CVE-2021-1750 (Multiple issues were addressed with improved logic. This issue is fixe ...)
+ TODO: check
CVE-2021-1749
RESERVED
-CVE-2021-1748
- RESERVED
-CVE-2021-1747
- RESERVED
-CVE-2021-1746
- RESERVED
-CVE-2021-1745
- RESERVED
-CVE-2021-1744
- RESERVED
-CVE-2021-1743
- RESERVED
-CVE-2021-1742
- RESERVED
-CVE-2021-1741
- RESERVED
+CVE-2021-1748 (A validation issue was addressed with improved input sanitization. Thi ...)
+ TODO: check
+CVE-2021-1747 (An out-of-bounds write was addressed with improved input validation. T ...)
+ TODO: check
+CVE-2021-1746 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
+CVE-2021-1745 (An out-of-bounds read was addressed with improved input validation. Th ...)
+ TODO: check
+CVE-2021-1744 (An out-of-bounds write was addressed with improved input validation. T ...)
+ TODO: check
+CVE-2021-1743 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
+ TODO: check
+CVE-2021-1742 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
+CVE-2021-1741 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
+ TODO: check
CVE-2021-1740
RESERVED
CVE-2021-1739
RESERVED
-CVE-2021-1738
- RESERVED
-CVE-2021-1737
- RESERVED
-CVE-2021-1736
- RESERVED
+CVE-2021-1738 (An out-of-bounds write was addressed with improved input validation. T ...)
+ TODO: check
+CVE-2021-1737 (An out-of-bounds write was addressed with improved input validation. T ...)
+ TODO: check
+CVE-2021-1736 (An out-of-bounds read was addressed with improved input validation. Th ...)
+ TODO: check
CVE-2020-29651 (A denial of service via regular expression in the py.path.svnwc compon ...)
- python-py 1.10.0-1
[buster] - python-py <no-dsa> (Minor issue)
@@ -26994,8 +27221,8 @@ CVE-2020-29641
RESERVED
CVE-2020-29640
RESERVED
-CVE-2020-29639
- RESERVED
+CVE-2020-29639 (An out-of-bounds read was addressed with improved input validation. Th ...)
+ TODO: check
CVE-2020-29638
RESERVED
CVE-2020-29637
@@ -27006,8 +27233,8 @@ CVE-2020-29635
RESERVED
CVE-2020-29634
RESERVED
-CVE-2020-29633
- RESERVED
+CVE-2020-29633 (An authentication issue was addressed with improved state management. ...)
+ TODO: check
CVE-2020-29632
RESERVED
CVE-2020-29631
@@ -27022,12 +27249,11 @@ CVE-2020-29627
RESERVED
CVE-2020-29626
RESERVED
-CVE-2020-29625
- RESERVED
-CVE-2020-29624
- RESERVED
-CVE-2020-29623
- RESERVED
+CVE-2020-29625 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
+CVE-2020-29624 (A memory corruption issue existed in the processing of font files. Thi ...)
+ TODO: check
+CVE-2020-29623 ("Clear History and Website Data" did not clear the history. The issue ...)
{DSA-4877-1}
- webkit2gtk 2.30.6-1
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
@@ -27035,34 +27261,34 @@ CVE-2020-29623
NOTE: https://webkitgtk.org/security/WSA-2021-0002.html
CVE-2020-29622
RESERVED
-CVE-2020-29621
- RESERVED
-CVE-2020-29620
- RESERVED
-CVE-2020-29619
- RESERVED
-CVE-2020-29618
- RESERVED
-CVE-2020-29617
- RESERVED
-CVE-2020-29616
- RESERVED
-CVE-2020-29615
- RESERVED
-CVE-2020-29614
- RESERVED
-CVE-2020-29613
- RESERVED
-CVE-2020-29612
- RESERVED
-CVE-2020-29611
- RESERVED
-CVE-2020-29610
- RESERVED
+CVE-2020-29621 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
+CVE-2020-29620 (This issue was addressed with improved entitlements. This issue is fix ...)
+ TODO: check
+CVE-2020-29619 (An out-of-bounds read was addressed with improved input validation. Th ...)
+ TODO: check
+CVE-2020-29618 (An out-of-bounds read was addressed with improved input validation. Th ...)
+ TODO: check
+CVE-2020-29617 (An out-of-bounds read was addressed with improved input validation. Th ...)
+ TODO: check
+CVE-2020-29616 (A memory corruption issue was addressed with improved input validation ...)
+ TODO: check
+CVE-2020-29615 (An out-of-bounds read was addressed with improved input validation. Th ...)
+ TODO: check
+CVE-2020-29614 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
+CVE-2020-29613 (A logic issue was addressed with improved state management. This issue ...)
+ TODO: check
+CVE-2020-29612 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
+CVE-2020-29611 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
+CVE-2020-29610 (An out-of-bounds read was addressed with improved input validation. Th ...)
+ TODO: check
CVE-2020-29609
RESERVED
-CVE-2020-29608
- RESERVED
+CVE-2020-29608 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
+ TODO: check
CVE-2020-29607 (A file upload restriction bypass vulnerability in Pluck CMS before 4.7 ...)
NOT-FOR-US: Pluck CMS
CVE-2020-35921 (An issue was discovered in the miow crate before 0.3.6 for Rust. It ha ...)
@@ -33798,50 +34024,50 @@ CVE-2020-27954
RESERVED
CVE-2020-27953
RESERVED
-CVE-2020-27952
- RESERVED
-CVE-2020-27951
- RESERVED
+CVE-2020-27952 (An out-of-bounds write was addressed with improved input validation. T ...)
+ TODO: check
+CVE-2020-27951 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
CVE-2020-27950 (A memory initialization issue was addressed. This issue is fixed in ma ...)
NOT-FOR-US: Apple
-CVE-2020-27949
- RESERVED
-CVE-2020-27948
- RESERVED
-CVE-2020-27947
- RESERVED
-CVE-2020-27946
- RESERVED
-CVE-2020-27945
- RESERVED
-CVE-2020-27944
- RESERVED
-CVE-2020-27943
- RESERVED
+CVE-2020-27949 (This issue was addressed with improved checks to prevent unauthorized ...)
+ TODO: check
+CVE-2020-27948 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
+CVE-2020-27947 (A memory corruption issue was addressed with improved input validation ...)
+ TODO: check
+CVE-2020-27946 (An information disclosure issue was addressed with improved state mana ...)
+ TODO: check
+CVE-2020-27945 (An integer overflow was addressed with improved input validation. This ...)
+ TODO: check
+CVE-2020-27944 (A memory corruption issue existed in the processing of font files. Thi ...)
+ TODO: check
+CVE-2020-27943 (A memory corruption issue existed in the processing of font files. Thi ...)
+ TODO: check
CVE-2020-27942
RESERVED
-CVE-2020-27941
- RESERVED
+CVE-2020-27941 (A validation issue was addressed with improved logic. This issue is fi ...)
+ TODO: check
CVE-2020-27940
RESERVED
-CVE-2020-27939
- RESERVED
-CVE-2020-27938
- RESERVED
-CVE-2020-27937
- RESERVED
-CVE-2020-27936
- RESERVED
-CVE-2020-27935
- RESERVED
+CVE-2020-27939 (This issue was addressed with improved checks. This issue is fixed in ...)
+ TODO: check
+CVE-2020-27938 (A logic issue was addressed with improved state management. This issue ...)
+ TODO: check
+CVE-2020-27937 (A logic issue was addressed with improved state management. This issue ...)
+ TODO: check
+CVE-2020-27936 (An out-of-bounds read issue existed that led to the disclosure of kern ...)
+ TODO: check
+CVE-2020-27935 (Multiple issues were addressed with improved logic. This issue is fixe ...)
+ TODO: check
CVE-2020-27934
RESERVED
-CVE-2020-27933
- RESERVED
+CVE-2020-27933 (A memory corruption issue was addressed with improved input validation ...)
+ TODO: check
CVE-2020-27932 (A type confusion issue was addressed with improved state handling. Thi ...)
NOT-FOR-US: Apple
-CVE-2020-27931
- RESERVED
+CVE-2020-27931 (A memory corruption issue existed in the processing of font files. Thi ...)
+ TODO: check
CVE-2020-27930 (A memory corruption issue was addressed with improved input validation ...)
NOT-FOR-US: Apple
CVE-2020-27929 (A logic issue existed in the handling of Group FaceTime calls. The iss ...)
@@ -33854,18 +34080,18 @@ CVE-2020-27926 (A use after free issue was addressed with improved memory manage
NOT-FOR-US: Apple
CVE-2020-27925 (An issue existed in the handling of incoming calls. The issue was addr ...)
NOT-FOR-US: Apple
-CVE-2020-27924
- RESERVED
-CVE-2020-27923
- RESERVED
-CVE-2020-27922
- RESERVED
-CVE-2020-27921
- RESERVED
-CVE-2020-27920
- RESERVED
-CVE-2020-27919
- RESERVED
+CVE-2020-27924 (An out-of-bounds read was addressed with improved input validation. Th ...)
+ TODO: check
+CVE-2020-27923 (An out-of-bounds write was addressed with improved input validation. T ...)
+ TODO: check
+CVE-2020-27922 (A logic issue was addressed with improved state management. This issue ...)
+ TODO: check
+CVE-2020-27921 (A race condition was addressed with improved state handling. This issu ...)
+ TODO: check
+CVE-2020-27920 (A use after free issue was addressed with improved memory management. ...)
+ TODO: check
+CVE-2020-27919 (An out-of-bounds write was addressed with improved input validation. T ...)
+ TODO: check
CVE-2020-27918 (A use after free issue was addressed with improved memory management. ...)
{DSA-4877-1}
- webkit2gtk 2.30.6-1
@@ -33876,10 +34102,10 @@ CVE-2020-27917 (A use after free issue was addressed with improved memory manage
NOT-FOR-US: Apple
CVE-2020-27916 (An out-of-bounds write was addressed with improved input validation. T ...)
NOT-FOR-US: Apple
-CVE-2020-27915
- RESERVED
-CVE-2020-27914
- RESERVED
+CVE-2020-27915 (A memory corruption issue was addressed with improved input validation ...)
+ TODO: check
+CVE-2020-27914 (A memory corruption issue was addressed with improved input validation ...)
+ TODO: check
CVE-2020-27913
RESERVED
CVE-2020-27912 (An out-of-bounds write was addressed with improved input validation. T ...)
@@ -33890,10 +34116,10 @@ CVE-2020-27910 (An out-of-bounds read was addressed with improved input validati
NOT-FOR-US: Apple
CVE-2020-27909 (An out-of-bounds read was addressed with improved input validation. Th ...)
NOT-FOR-US: Apple
-CVE-2020-27908
- RESERVED
-CVE-2020-27907
- RESERVED
+CVE-2020-27908 (An out-of-bounds read was addressed with improved input validation. Th ...)
+ TODO: check
+CVE-2020-27907 (A memory corruption issue was addressed with improved memory handling. ...)
+ TODO: check
CVE-2020-27906 (Multiple integer overflows were addressed with improved input validati ...)
NOT-FOR-US: Apple
CVE-2020-27905 (A memory corruption issue was addressed with improved state management ...)
@@ -33904,24 +34130,24 @@ CVE-2020-27903 (This issue was addressed by removing the vulnerable code. This i
NOT-FOR-US: Apple
CVE-2020-27902 (An authentication issue was addressed with improved state management. ...)
NOT-FOR-US: Apple
-CVE-2020-27901
- RESERVED
+CVE-2020-27901 (A logic issue was addressed with improved restrictions. This issue is ...)
+ TODO: check
CVE-2020-27900 (An issue existed in the handling of snapshots. The issue was resolved ...)
NOT-FOR-US: Apple
-CVE-2020-27899
- RESERVED
+CVE-2020-27899 (A use after free issue was addressed with improved memory management. ...)
+ TODO: check
CVE-2020-27898 (A denial of service issue was addressed with improved state handling. ...)
NOT-FOR-US: Apple
-CVE-2020-27897
- RESERVED
+CVE-2020-27897 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
CVE-2020-27896 (A path handling issue was addressed with improved validation. This iss ...)
NOT-FOR-US: Apple
CVE-2020-27895 (An information disclosure issue existed in the transition of program s ...)
NOT-FOR-US: Apple
CVE-2020-27894 (The issue was addressed with additional user controls. This issue is f ...)
NOT-FOR-US: Apple
-CVE-2020-27893
- RESERVED
+CVE-2020-27893 (An issue existed in screen sharing. This issue was addressed with impr ...)
+ TODO: check
CVE-2020-27892 (The Zigbee protocol implementation on Texas Instruments CC2538 devices ...)
NOT-FOR-US: Texas Instruments CC2538 devices
CVE-2020-27891 (The Zigbee protocol implementation on Texas Instruments CC2538 devices ...)
@@ -71953,14 +72179,14 @@ CVE-2020-11927
RESERVED
CVE-2020-11926
RESERVED
-CVE-2020-11925
- RESERVED
-CVE-2020-11924
- RESERVED
-CVE-2020-11923
- RESERVED
-CVE-2020-11922
- RESERVED
+CVE-2020-11925 (An issue was discovered in Luvion Grand Elite 3 Connect through 2020-0 ...)
+ TODO: check
+CVE-2020-11924 (An issue was discovered in WiZ Colors A60 1.14.0. Wi-Fi credentials ar ...)
+ TODO: check
+CVE-2020-11923 (An issue was discovered in WiZ Colors A60 1.14.0. API credentials are ...)
+ TODO: check
+CVE-2020-11922 (An issue was discovered in WiZ Colors A60 1.14.0. The device sends unn ...)
+ TODO: check
CVE-2020-11921
RESERVED
CVE-2020-11920 (An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3. ...)
@@ -76385,7 +76611,7 @@ CVE-2020-10644 (The affected product lacks proper validation of user-supplied da
NOT-FOR-US: Inductive Automation Ignition
CVE-2020-10643 (An authenticated remote attacker could use specially crafted URLs to s ...)
NOT-FOR-US: PI Vision
-CVE-2020-10642 (In Rockwell Automation RSLinx Classic versions 4.1.00 and prior, an au ...)
+CVE-2020-10642 (In Rockwell Automation RSLinx Classic versions 4.11.00 and prior, an a ...)
NOT-FOR-US: Rockwell
CVE-2020-10641 (An unprotected logging route may allow an attacker to write endless lo ...)
NOT-FOR-US: Inductive Automation
@@ -77820,8 +78046,8 @@ CVE-2020-9997 (An information disclosure issue was addressed with improved state
NOT-FOR-US: Apple
CVE-2020-9996 (A use after free issue was addressed with improved memory management. ...)
NOT-FOR-US: Apple
-CVE-2020-9995
- RESERVED
+CVE-2020-9995 (An issue existed in the parsing of URLs. This issue was addressed with ...)
+ TODO: check
CVE-2020-9994 (A path handling issue was addressed with improved validation. This iss ...)
NOT-FOR-US: Apple
CVE-2020-9993 (The issue was addressed with improved UI handling. This issue is fixed ...)
@@ -77860,30 +78086,30 @@ CVE-2020-9980 (An out-of-bounds write issue was addressed with improved bounds c
NOT-FOR-US: Apple
CVE-2020-9979 (A trust issue was addressed by removing a legacy API. This issue is fi ...)
NOT-FOR-US: Apple
-CVE-2020-9978
- RESERVED
+CVE-2020-9978 (This issue was addressed with improved setting propagation. This issue ...)
+ TODO: check
CVE-2020-9977 (A validation issue existed in the entitlement verification. This issue ...)
NOT-FOR-US: Apple
CVE-2020-9976 (A logic issue was addressed with improved state management. This issue ...)
NOT-FOR-US: Apple
-CVE-2020-9975
- RESERVED
+CVE-2020-9975 (A use after free issue was addressed with improved memory management. ...)
+ TODO: check
CVE-2020-9974 (A logic issue was addressed with improved state management. This issue ...)
NOT-FOR-US: Apple
CVE-2020-9973 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
NOT-FOR-US: Apple
CVE-2020-9972 (A buffer overflow issue was addressed with improved memory handling. T ...)
NOT-FOR-US: Apple
-CVE-2020-9971
- RESERVED
+CVE-2020-9971 (A logic issue was addressed with improved validation. This issue is fi ...)
+ TODO: check
CVE-2020-9970
RESERVED
CVE-2020-9969 (An access issue was addressed with additional sandbox restrictions. Th ...)
NOT-FOR-US: Apple
CVE-2020-9968 (A logic issue was addressed with improved restrictions. This issue is ...)
NOT-FOR-US: Apple
-CVE-2020-9967
- RESERVED
+CVE-2020-9967 (Multiple memory corruption issues were addressed with improved input v ...)
+ TODO: check
CVE-2020-9966 (An out-of-bounds read was addressed with improved input validation. Th ...)
NOT-FOR-US: Apple
CVE-2020-9965 (An out-of-bounds read was addressed with improved input validation. Th ...)
@@ -77892,22 +78118,22 @@ CVE-2020-9964 (A memory initialization issue was addressed with improved memory
NOT-FOR-US: Apple
CVE-2020-9963 (The issue was addressed with improved handling of icon caches. This is ...)
NOT-FOR-US: Apple
-CVE-2020-9962
- RESERVED
+CVE-2020-9962 (A buffer overflow was addressed with improved size validation. This is ...)
+ TODO: check
CVE-2020-9961 (An out-of-bounds read was addressed with improved input validation. Th ...)
NOT-FOR-US: Apple
-CVE-2020-9960
- RESERVED
+CVE-2020-9960 (An out-of-bounds read was addressed with improved input validation. Th ...)
+ TODO: check
CVE-2020-9959 (A lock screen issue allowed access to messages on a locked device. Thi ...)
NOT-FOR-US: Apple
CVE-2020-9958 (An out-of-bounds write issue was addressed with improved bounds checki ...)
NOT-FOR-US: Apple
CVE-2020-9957
RESERVED
-CVE-2020-9956
- RESERVED
-CVE-2020-9955
- RESERVED
+CVE-2020-9956 (An out-of-bounds read was addressed with improved input validation. Th ...)
+ TODO: check
+CVE-2020-9955 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
CVE-2020-9954 (A buffer overflow issue was addressed with improved memory handling. T ...)
NOT-FOR-US: Apple
CVE-2020-9953
@@ -77975,16 +78201,16 @@ CVE-2020-9932 (A memory corruption issue was addressed with improved validation.
NOT-FOR-US: Apple
CVE-2020-9931 (A denial of service issue was addressed with improved input validation ...)
NOT-FOR-US: Apple
-CVE-2020-9930
- RESERVED
+CVE-2020-9930 (An out-of-bounds read was addressed with improved input validation. Th ...)
+ TODO: check
CVE-2020-9929 (A memory corruption issue was addressed with improved memory handling. ...)
NOT-FOR-US: Apple
CVE-2020-9928 (Multiple memory corruption issues were addressed with improved memory ...)
NOT-FOR-US: Apple
CVE-2020-9927 (A memory corruption issue was addressed with improved input validation ...)
NOT-FOR-US: Apple
-CVE-2020-9926
- RESERVED
+CVE-2020-9926 (A use after free issue was addressed with improved memory management. ...)
+ TODO: check
CVE-2020-9925 (A logic issue was addressed with improved state management. This issue ...)
{DSA-4739-1}
- webkit2gtk 2.28.4-1
@@ -78401,8 +78627,8 @@ CVE-2020-10017 (An out-of-bounds write was addressed with improved input validat
NOT-FOR-US: Apple
CVE-2020-10016 (A memory corruption issue was addressed with improved state management ...)
NOT-FOR-US: Apple
-CVE-2020-10015
- RESERVED
+CVE-2020-10015 (An out-of-bounds write issue was addressed with improved bounds checki ...)
+ TODO: check
CVE-2020-10014 (A parsing issue in the handling of directory paths was addressed with ...)
NOT-FOR-US: Apple
CVE-2020-10013 (A logic issue was addressed with improved state management. This issue ...)
@@ -78415,8 +78641,8 @@ CVE-2020-10010 (A path handling issue was addressed with improved validation. Th
NOT-FOR-US: Apple
CVE-2020-10009 (A logic issue was addressed with improved state management. This issue ...)
NOT-FOR-US: Apple
-CVE-2020-10008
- RESERVED
+CVE-2020-10008 (A logic issue was addressed with improved restrictions. This issue is ...)
+ TODO: check
CVE-2020-10007 (A logic issue was addressed with improved state management. This issue ...)
NOT-FOR-US: Apple
CVE-2020-10006 (This issue was addressed with improved entitlements. This issue is fix ...)
@@ -78429,8 +78655,7 @@ CVE-2020-10003 (An issue existed within the path validation logic for symlinks.
NOT-FOR-US: Apple
CVE-2020-10002 (A logic issue was addressed with improved state management. This issue ...)
NOT-FOR-US: Apple
-CVE-2020-10001 [buffer (read) overflow in the ippReadIO function]
- RESERVED
+CVE-2020-10001 (An input validation issue was addressed with improved memory handling. ...)
- cups 2.3.3op2-1
[buster] - cups <no-dsa> (Minor issue)
[stretch] - cups <no-dsa> (Minor issue)
@@ -80229,14 +80454,14 @@ CVE-2019-20468 (An issue was discovered in SeTracker2 for TK-Star Q90 Junior GPS
NOT-FOR-US: TK-Star Q90 Junior GPS horloge
CVE-2019-20467
RESERVED
-CVE-2019-20466
- RESERVED
-CVE-2019-20465
- RESERVED
-CVE-2019-20464
- RESERVED
-CVE-2019-20463
- RESERVED
+CVE-2019-20466 (An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 ...)
+ TODO: check
+CVE-2019-20465 (An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 ...)
+ TODO: check
+CVE-2019-20464 (An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 ...)
+ TODO: check
+CVE-2019-20463 (An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 ...)
+ TODO: check
CVE-2019-20462
RESERVED
CVE-2019-20461
@@ -199534,7 +199759,7 @@ CVE-2018-5383 (Bluetooth firmware or operating system software drivers in macOS
- firmware-nonfree 20190114-1
[stretch] - firmware-nonfree 20161130-5
NOTE: http://www.cs.technion.ac.il/~biham/BT/
-CVE-2018-5382 (Bouncy Castle BKS version 1 keystore (BKS-V1) files use an HMAC that i ...)
+CVE-2018-5382 (The default BKS keystore use an HMAC that is only 16 bits long, which ...)
- bouncycastle 1.48+dfsg-2
[wheezy] - bouncycastle <ignored> (this only affects the integrity verification and not the content of the BKS keystore)
NOTE: https://insights.sei.cmu.edu/cert/2018/03/the-curious-case-of-the-bouncy-castle-bks-passwords.html
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3e05295915fee4ec19e845772c8532195ec4bd3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3e05295915fee4ec19e845772c8532195ec4bd3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210402/5fe9cfc7/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list