[Git][security-tracker-team/security-tracker][master] libxml2 no-dsa

Moritz Muehlenhoff jmm at debian.org
Wed Apr 28 09:13:37 BST 2021 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
88c9879b by Moritz Muehlenhoff at 2021-04-28T10:13:19+02:00
libxml2 no-dsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -79,16 +79,19 @@ CVE-2020-36326 (PHPMailer 6.1.8 through 6.4.0 allows object injection through Ph
 CVE-2021-3518 [use-after-free in xmlXIncludeDoProcess() in xinclude.c]
 	RESERVED
 	- libxml2 <unfixed>
+	[buster] - libxml2 <no-dsa> (Minor issue)
 	NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/237
 	NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/1098c30a040e72a4654968547f415be4e4c40fe7
 CVE-2021-3517 [heap-based buffer overflow in xmlEncodeEntitiesInternal() in entities.c]
 	RESERVED
 	- libxml2 <unfixed>
+	[buster] - libxml2 <no-dsa> (Minor issue)
 	NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/235
 	NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/bf22713507fe1fc3a2c4b525cf0a88c2dc87a3a2
 CVE-2021-3516 [use-after-free in xmlEncodeEntitiesInternal() in entities.c]
 	RESERVED
 	- libxml2 <unfixed>
+	[buster] - libxml2 <no-dsa> (Minor issue)
 	NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/230
 	NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/1358d157d0bd83be1dfe356a69213df9fac0b539
 CVE-2021-3515
@@ -3889,8 +3892,6 @@ CVE-2021-30129
 	RESERVED
 CVE-2021-30128 (Apache OFBiz has unsafe deserialization prior to 17.12.07 version ...)
 	NOT-FOR-US: Apache OFBiz
-CVE-2021-30128
-	RESERVED
 CVE-2021-30127 (TerraMaster F2-210 devices through 2021-04-03 use UPnP to make the adm ...)
 	NOT-FOR-US: Terramaster
 CVE-2021-30126 (Lightmeter ControlCenter 1.1.0 through 1.5.x before 1.5.1 allows anyon ...)
@@ -6022,8 +6023,6 @@ CVE-2021-29201
 	RESERVED
 CVE-2021-29200 (Apache OFBiz has unsafe deserialization prior to 17.12.07 version An u ...)
 	NOT-FOR-US: Apache OFBiz
-CVE-2021-29200
-	RESERVED
 CVE-2021-29199
 	RESERVED
 CVE-2021-29198



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/88c9879b9b6b1fca32787e0d3e0795547f04c0a3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/88c9879b9b6b1fca32787e0d3e0795547f04c0a3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210428/de7f51b3/attachment.htm>

More information about the debian-security-tracker-commits mailing list