[Git][security-tracker-team/security-tracker][master] 3 commits: Add Debian bug reference for ruby-sidekiq

Salvatore Bonaccorso carnil at debian.org
Thu Apr 22 10:12:33 BST 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f0655c3f by Salvatore Bonaccorso at 2021-04-22T11:07:55+02:00
Add Debian bug reference for ruby-sidekiq

- - - - -
f584c9c4 by Salvatore Bonaccorso at 2021-04-22T11:08:16+02:00
Add Debian bug reference for CVE-2020-25864/consul

- - - - -
bccca9b2 by Salvatore Bonaccorso at 2021-04-22T11:08:32+02:00
Add Debian bug references for google-compute-image-packages issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3027,7 +3027,7 @@ CVE-2021-30152 (An issue was discovered in MediaWiki before 1.31.13 and 1.32.x t
 	NOTE: https://phabricator.wikimedia.org/T270713
 	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2021-April/094418.html
 CVE-2021-30151 (Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue n ...)
-	- ruby-sidekiq <unfixed>
+	- ruby-sidekiq <unfixed> (bug #987354)
 	[stretch] - ruby-sidekiq <no-dsa> (Minor issue)
 	NOTE: https://github.com/mperham/sidekiq/issues/4852
 	NOTE: https://github.com/mperham/sidekiq/commit/64f70339d1dcf50a55c00d36bfdb61d97ec63ed8
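Review bot: The two NOTE lines under CVE-2021-30151 are bare URLs, so nothing in the entry says whether commit 64f70339d1dcf50a55c00d36bfdb61d97ec63ed8 is the fix or only related to issue 4852. Now that the unstable line points at bug #987354, labelling that NOTE (for example "Fixed by:") would tell whoever handles the bug which change to pick up.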
@@ -43311,7 +43311,7 @@ CVE-2020-25866 (In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protoc
 CVE-2020-25865
 	RESERVED
 CVE-2020-25864 (HashiCorp Consul and Consul Enterprise up to version 1.9.4 key-value ( ...)
-	- consul <unfixed>
+	- consul <unfixed> (bug #987351)
 	[buster] - consul <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1950275
 	NOTE: https://github.com/hashicorp/consul/pull/10023
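Review bot: The CVE-2020-25864 entry records a Red Hat bugzilla link and upstream PR 10023, but no NOTE names the upstream release that carries the fix; the truncated description only says "up to version 1.9.4". Adding a NOTE with the fixed upstream version would make it straightforward to replace `<unfixed>` once bug #987351 is closed.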
@@ -84410,7 +84410,7 @@ CVE-2020-8935 (An arbitrary memory overwrite vulnerability in Asylo versions up
 CVE-2020-8934
 	RESERVED
 CVE-2020-8933 (A vulnerability in Google Cloud Platform's guest-oslogin versions betw ...)
-	- google-compute-image-packages <unfixed>
+	- google-compute-image-packages <unfixed> (bug #987353)
 	NOTE: https://cloud.google.com/compute/docs/security-bulletins#2020619
 	NOTE: https://github.com/GoogleCloudPlatform/guest-oslogin/pull/29
 CVE-2020-8932
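Review bot: Bug #987353 is attached here to CVE-2020-8933 and again to CVE-2020-8907 and CVE-2020-8903 in the next two hunks. It is worth confirming that the bug report itself lists all three CVE ids, so the three entries and the single bug stay in sync when it is closed.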
@@ -84466,7 +84466,7 @@ CVE-2020-8909
 CVE-2020-8908 (A temp directory creation vulnerability exists in all versions of Guav ...)
 	NOT-FOR-US: Google Guava
 CVE-2020-8907 (A vulnerability in Google Cloud Platform's guest-oslogin versions betw ...)
-	- google-compute-image-packages <unfixed>
+	- google-compute-image-packages <unfixed> (bug #987353)
 	NOTE: https://cloud.google.com/compute/docs/security-bulletins#2020619
 	NOTE: https://github.com/GoogleCloudPlatform/guest-oslogin/pull/29
 CVE-2020-8906
@@ -84476,7 +84476,7 @@ CVE-2020-8905 (A buffer length validation vulnerability in Asylo versions prior
 CVE-2020-8904 (An arbitrary memory overwrite vulnerability in the trusted memory of A ...)
 	NOT-FOR-US: Asylo
 CVE-2020-8903 (A vulnerability in Google Cloud Platform's guest-oslogin versions betw ...)
-	- google-compute-image-packages <unfixed>
+	- google-compute-image-packages <unfixed> (bug #987353)
 	NOTE: https://cloud.google.com/compute/docs/security-bulletins#2020619
 	NOTE: https://github.com/GoogleCloudPlatform/guest-oslogin/pull/29
 CVE-2020-8902 (Rendertron versions prior to 3.0.0 are are susceptible to a Server-Sid ...)
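Review bot: Unlike the ruby-sidekiq and consul entries touched above, which carry `[stretch]` and `[buster]` `<no-dsa>` lines, the three google-compute-image-packages entries (CVE-2020-8933, CVE-2020-8907, CVE-2020-8903) have only the unstable line. If the package ships in a stable suite, a per-suite triage line should be added alongside the bug reference; if it does not, no change is needed.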



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/caccc6243e3cac19fa92cb47acd61225f79cb214...bccca9b242dbfe4e4e291010ca635e451f7ff682
