[Git][security-tracker-team/security-tracker][master] new gradle issue

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Aug 2 11:30:37 BST 2021 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
878dda19 by Moritz Muehlenhoff at 2021-08-02T12:30:23+02:00
new gradle issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7333,7 +7333,6 @@ CVE-2021-34555 (OpenDMARC 1.4.1 and 1.4.1.1 allows remote attackers to cause a d
 	[stretch] - opendmarc <not-affected> (Vulnerable code (multi-value-From:) introduced later)
 	NOTE: https://github.com/trusteddomainproject/OpenDMARC/issues/179
 	NOTE: https://github.com/trusteddomainproject/OpenDMARC/pull/178
-	TODO: check, seems introduced by the fix for CVE-2019-16378, cf. https://github.com/trusteddomainproject/OpenDMARC/issues/179#issuecomment-856798477
 CVE-2021-34554
 	RESERVED
 CVE-2021-34553 (Sonatype Nexus Repository Manager 3.x before 3.31.0 allows a remote au ...)
@@ -11508,7 +11507,10 @@ CVE-2021-32753 (EdgeX Foundry is an open source project for building a common op
 CVE-2021-32752 (Ether Logs is a package that allows one to check one's logs in the Cra ...)
 	NOT-FOR-US: Ether Logs
 CVE-2021-32751 (Gradle is a build tool with a focus on build automation. In versions p ...)
-	TODO: check
+	- gradle <unfixed>
+	[bullseye] - gradle <ignored> (Minor issue)
+	[buster] - gradle <ignored> (Minor issue)
+	NOTE: https://github.com/gradle/gradle/security/advisories/GHSA-6j2p-252f-7mw8
 CVE-2021-32750 (MuWire is a file publishing and networking tool that protects the iden ...)
 	NOT-FOR-US: MuWire
 CVE-2021-32749 (fail2ban is a daemon to ban hosts that cause multiple authentication e ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/878dda1954e806bb9e66fa6eebc9965ab5919bc4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/878dda1954e806bb9e66fa6eebc9965ab5919bc4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210802/1af37a74/attachment.htm>

More information about the debian-security-tracker-commits mailing list