[Git][security-tracker-team/security-tracker][master] bullseye triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Aug 5 08:47:40 BST 2021
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a9e39c4a by Moritz Muehlenhoff at 2021-08-05T09:47:29+02:00
bullseye triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -590,10 +590,14 @@ CVE-2021-37835
CVE-2021-37834
RESERVED
CVE-2021-37833 (A reflected cross-site scripting (XSS) vulnerability exists in multipl ...)
- - hoteldruid <unfixed>
+ - hoteldruid <unfixed> (bug #991910)
+ [bullseye] - hoteldruid <no-dsa> (Minor issue)
+ [buster] - hoteldruid <no-dsa> (Minor issue)
NOTE: https://github.com/dievus/CVE-2021-37833
CVE-2021-37832 (A SQL injection vulnerability exists in version 3.0.2 of Hotel Druid w ...)
- - hoteldruid <unfixed>
+ - hoteldruid <unfixed> (bug #991910)
+ [bullseye] - hoteldruid <no-dsa> (Minor issue)
+ [buster] - hoteldruid <no-dsa> (Minor issue)
NOTE: https://github.com/dievus/CVE-2021-37832
CVE-2021-37831
RESERVED
@@ -767,9 +771,11 @@ CVE-2021-37747
RESERVED
CVE-2021-37746 (textview_uri_security_check in textview.c in Claws Mail before 3.18.0, ...)
- claws-mail <unfixed> (bug #991722)
+ [bullseye] - claws-mail <no-dsa> (Minor issue)
[buster] - claws-mail <no-dsa> (Minor issue)
[stretch] - claws-mail <no-dsa> (Minor issue)
- sylpheed <unfixed> (bug #991723)
+ [bullseye] - sylpheed <no-dsa> (Minor issue)
[buster] - sylpheed <no-dsa> (Minor issue)
[stretch] - sylpheed <no-dsa> (Minor issue)
NOTE: https://git.claws-mail.org/?p=claws.git;a=commit;h=ac286a71ed78429e16c612161251b9ea90ccd431
@@ -68139,11 +68145,13 @@ CVE-2020-22285
RESERVED
CVE-2020-22284 (A buffer overflow vulnerability in the zepif_linkoutput() function of ...)
- lwip <unfixed> (bug #991646)
+ [bullseye] - lwip <no-dsa> (Minor issue)
[buster] - lwip <no-dsa> (Minor issue)
NOTE: https://savannah.nongnu.org/bugs/index.php?58554
NOTE: https://git.savannah.nongnu.org/cgit/lwip.git/commit/?id=8363c24e45a32728e385cfc2c3c36d88a8a9e70b
CVE-2020-22283 (A buffer overflow vulnerability in the icmp6_send_response_with_addrs_ ...)
- lwip <unfixed> (bug #991645)
+ [bullseye] - lwip <no-dsa> (Minor issue)
[buster] - lwip <no-dsa> (Minor issue)
NOTE: https://savannah.nongnu.org/bugs/index.php?58553
NOTE: Pre-requisite: http://git.savannah.nongnu.org/cgit/lwip.git/commit/?id=d843e47a1d65451bd7f7aaa5017b408bd108be88
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a9e39c4a1a84134a68675ff41a1fab8a59f14be2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a9e39c4a1a84134a68675ff41a1fab8a59f14be2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210805/66788280/attachment.htm>
More information about the debian-security-tracker-commits
mailing list