[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Aug 8 21:10:41 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8e5d51e9 by security tracker role at 2021-08-08T20:10:33+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2021-38197 (unarr.go in go-unarr (aka Go bindings for unarr) 0.1.1 allows Director ...)
+	TODO: check
 CVE-2021-38196 (An issue was discovered in the better-macro crate through 2021-07-22 f ...)
 	TODO: check
 CVE-2021-38195 (An issue was discovered in the libsecp256k1 crate before 0.5.0 for Rus ...)
@@ -3356,11 +3358,11 @@ CVE-2021-36716 (A ReDoS (regular expression denial of service) flaw was found in
 	NOT-FOR-US: Node is-email
 CVE-2021-3643
 	RESERVED
-CVE-2021-38193 [RUSTSEC-2021-0074]
+CVE-2021-38193 (An issue was discovered in the ammonia crate before 3.1.0 for Rust. XS ...)
 	- rust-ammonia <unfixed> (bug #991497)
 	NOTE: https://github.com/rust-ammonia/ammonia/commit/4b8426b89b861d9bea20e126576b0febb9d13515
 	NOTE: https://rustsec.org/advisories/RUSTSEC-2021-0074.html
-CVE-2021-38191 [RUSTSEC-2021-0072]
+CVE-2021-38191 (An issue was discovered in the tokio crate before 1.8.1 for Rust. Upon ...)
 	- rust-tokio <not-affected> (Introduced in 0.3.0)
 	NOTE: https://rustsec.org/advisories/RUSTSEC-2021-0072.html
 	NOTE: https://github.com/tokio-rs/tokio/issues/3929
@@ -35369,8 +35371,8 @@ CVE-2021-23421
 	RESERVED
 CVE-2021-23420
 	RESERVED
-CVE-2021-23419
-	RESERVED
+CVE-2021-23419 (This affects the package open-graph before 0.2.6. The function parse c ...)
+	TODO: check
 CVE-2021-23418 (The package glances before 3.2.1 are vulnerable to XML External Entity ...)
 	- glances <unfixed>
 	[bullseye] - glances <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e5d51e9758bfddaf5d802bdaadbaca6aa2645e0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e5d51e9758bfddaf5d802bdaadbaca6aa2645e0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210808/d9f20c22/attachment.htm>

More information about the debian-security-tracker-commits mailing list