[Git][security-tracker-team/security-tracker][master] Add CVE-2021-2942{7,8,9}/gradle

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e2a20973 by Salvatore Bonaccorso at 2021-04-15T08:57:52+02:00
Add CVE-2021-2942{7,8,9}/gradle

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3895,11 +3895,14 @@ CVE-2021-29431
 CVE-2021-29430
 	RESERVED
 CVE-2021-29429 (In Gradle before version 7.0, files created with open permissions in t ...)
-	TODO: check
+	- gradle <unfixed>
+	NOTE: https://github.com/gradle/gradle/security/advisories/GHSA-fp8h-qmr5-j4c8
 CVE-2021-29428 (In Gradle before version 7.0, on Unix-like systems, the system tempora ...)
-	TODO: check
+	- gradle <unfixed>
+	NOTE: https://github.com/gradle/gradle/security/advisories/GHSA-89qm-pxvm-p336
 CVE-2021-29427 (In Gradle from version 5.1 and before version 7.0 there is a vulnerabi ...)
-	TODO: check
+	- gradle <not-affected> (Vulnerable code introduced later)
+	NOTE: https://github.com/gradle/gradle/security/advisories/GHSA-jvmj-rh6q-x395
 CVE-2021-29426
 	RESERVED
 CVE-2021-29425 (In Apache Commons IO before 2.7, When invoking the method FileNameUtil ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2a209738b811102a5fa0ed2bf4e15cd3e19a416

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2a209738b811102a5fa0ed2bf4e15cd3e19a416
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210415/4b2d28c3/attachment.htm>