[Git][security-tracker-team/security-tracker][master] 2 commits: nextcloud-desktop no-dsa
Moritz Muehlenhoff
jmm at debian.org
Sun Apr 18 11:57:41 BST 2021
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f72b19e1 by Moritz Muehlenhoff at 2021-04-18T12:54:08+02:00
nextcloud-desktop no-dsa
- - - - -
c3c0a876 by Moritz Muehlenhoff at 2021-04-18T12:57:16+02:00
new xscreensaver issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,8 @@
+CVE-2021-XXXX [xscreensaver allows starting external programs with cap_net_raw]
+ - xscreensaver <unfixed>
+ [buster] - xscreensaver <no-dsa> (Minor issue)
+ NOTE: Fixed upstream in 6.0.0 (no public version control)
+ NOTE: https://www.openwall.com/lists/oss-security/2021/04/17/1
CVE-2021-3505
RESERVED
- libtpms 0.8.0~dev1-1
@@ -19649,6 +19654,7 @@ CVE-2021-22880 (The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5,
NOTE: https://github.com/rails/rails/commit/879d02107b5b3eb7aeaad1cd1f259bb41f17286b (v6.0.3.5)
CVE-2021-22879 (Nextcloud Desktop Client prior to 3.1.3 is vulnerable to resource inje ...)
- nextcloud-desktop <unfixed>
+ [buster] - nextcloud-desktop <no-dsa> (Minor issue)
NOTE: https://nextcloud.com/security/advisory/?id=NC-SA-2021-008
NOTE: https://github.com/nextcloud/desktop/pull/2906
CVE-2021-22878 (Nextcloud Server prior to 20.0.6 is vulnerable to reflected cross-site ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6daa5d989664b04223c99930123f0834ee00ead8...c3c0a8765216b1910a1289519b341df41fd53b7f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6daa5d989664b04223c99930123f0834ee00ead8...c3c0a8765216b1910a1289519b341df41fd53b7f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210418/ef51f00c/attachment.htm>
More information about the debian-security-tracker-commits
mailing list