[Git][security-tracker-team/security-tracker][master] new ansible-runner issue, one n/a
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Aug 19 12:14:14 BST 2021
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
55b2f406 by Moritz Muehlenhoff at 2021-08-19T13:13:29+02:00
new ansible-runner issue, one n/a
nbdkit, qemu no-dsa
concludes external check
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -122,6 +122,7 @@ CVE-2021-39246
CVE-2021-3716 [NBD_OPT_STRUCTURED_REPLY injection on STARTTLS]
RESERVED
- nbdkit <unfixed>
+ [bullseye] - nbdkit <no-dsa> (Minor issue)
[buster] - nbdkit <not-affected> (Vulnerable code introduced later)
[stretch] - nbdkit <not-affected> (Vulnerable code introduced later)
NOTE: Introduced by: https://github.com/libguestfs/nbdkit/commit/eaa4c6e9a2c4bdb71aefdd4b1d865e7a9af606a8 (v1.11.8)
@@ -179,8 +180,9 @@ CVE-2021-39231
CVE-2021-3713 [out-of-bounds write in UAS (USB Attached SCSI) device emulation]
RESERVED
- qemu <unfixed>
+ [bullseye] - qemu <no-dsa> (Minor issue)
+ [buster] - qemu <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1994640
- TODO: check details
CVE-2021-39230
RESERVED
CVE-2021-39229
@@ -1561,8 +1563,14 @@ CVE-2021-3703
RESERVED
CVE-2021-3702
RESERVED
+ - ansible-runner <not-affected> (Vulnerable code introduced later)
+ NOTE: https://github.com/ansible/ansible-runner/pull/742/commits/0e9aa8a97e7832ef9a1553ef2908632a32d2b8c4
+ NOTE: Introduced in https://github.com/ansible/ansible-runner/commit/93e95a3df9021a38010386d07df121392d249253
CVE-2021-3701
RESERVED
+ - ansible-runner <unfixed>
+ NOTE: https://github.com/ansible/ansible-runner/issues/738
+ NOTE: https://github.com/ansible/ansible-runner/pull/742/commits/60b059f00409224acae1e417153a241c8591ad89
CVE-2021-3700
RESERVED
CVE-2021-38562
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/55b2f406dc03cc84ee77035bcf1823665984c1d4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/55b2f406dc03cc84ee77035bcf1823665984c1d4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210819/dda2460a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list