[Git][security-tracker-team/security-tracker][master] new QT issues
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Aug 12 08:00:02 BST 2021
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dd1c353e by Moritz Mühlenhoff at 2021-08-12T08:59:42+02:00
new QT issues
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -57028,7 +57028,7 @@ CVE-2021-0086 (Observable response discrepancy in floating-point operations for
CVE-2021-0085
RESERVED
CVE-2021-0084 (Improper input validation in the Intel(R) Ethernet Controllers X722 an ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-0083 (Improper input validation in some Intel(R) Optane(TM) PMem versions be ...)
NOT-FOR-US: Intel
CVE-2021-0082
@@ -57072,9 +57072,9 @@ CVE-2021-0064
CVE-2021-0063
RESERVED
CVE-2021-0062 (Improper input validation in some Intel(R) Graphics Drivers before ver ...)
- TODO: check
+ NOT-FOR-US: Intel drivers for Windows
CVE-2021-0061 (Improper initialization in some Intel(R) Graphics Driver before versio ...)
- TODO: check
+ NOT-FOR-US: Intel drivers for Windows
CVE-2021-0060
RESERVED
CVE-2021-0059
@@ -57172,27 +57172,27 @@ CVE-2021-0014
CVE-2021-0013
RESERVED
CVE-2021-0012 (Use after free in some Intel(R) Graphics Driver before version 27.20.1 ...)
- TODO: check
+ NOT-FOR-US: Intel drivers for Windows
CVE-2021-0011
RESERVED
CVE-2021-0010
RESERVED
CVE-2021-0009 (Out-of-bounds read in the firmware for Intel(R) Ethernet Adapters 800 ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-0008 (Uncontrolled resource consumption in firmware for Intel(R) Ethernet Ad ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-0007 (Uncaught exception in firmware for Intel(R) Ethernet Adapters 800 Seri ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-0006 (Improper conditions check in firmware for Intel(R) Ethernet Adapters 8 ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-0005 (Uncaught exception in firmware for Intel(R) Ethernet Adapters 800 Seri ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-0004 (Improper buffer restrictions in the firmware of Intel(R) Ethernet Adap ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-0003 (Improper conditions check in some Intel(R) Ethernet Controllers 800 se ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-0002 (Improper conditions check in some Intel(R) Ethernet Controllers 800 se ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-0001 (Observable timing discrepancy in Intel(R) IPP before version 2020 upda ...)
NOT-FOR-US: Intel
CVE-2020-27669
@@ -64228,9 +64228,11 @@ CVE-2020-24744
CVE-2020-24743
RESERVED
CVE-2020-24742 (An issue has been fixed in Qt versions 5.14.0 where QPluginLoader atte ...)
- TODO: check
+ - qtbase-opensource-src 5.14.2+dfsg-3
+ NOTE: https://codereview.qt-project.org/c/qt/qtbase/+/280730
CVE-2020-24741 (An issue has been fixed in Qt versions 5.14.1 and 5.12.7 where QLibrar ...)
- TODO: check
+ - qtbase-opensource-src 5.14.2+dfsg-3
+ NOTE: https://bugreports.qt.io/browse/QTBUG-81272
CVE-2020-24740 (An issue was discovered in Pluck 4.7.10-dev2. There is a CSRF vulnerab ...)
NOT-FOR-US: Pluck CMS
CVE-2020-24739 (A CSRF vulnerability was found in iCMS v7.0.0 in the background deleti ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd1c353e1d450417378ffa58fcab7dafbaa5dc03
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd1c353e1d450417378ffa58fcab7dafbaa5dc03
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210812/841ffc54/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list