[Git][security-tracker-team/security-tracker][master] 2 commits: Remove two no-dsa items for nextcloud-desktop issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Aug 24 20:11:51 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c0ae7fb6 by Salvatore Bonaccorso at 2021-08-24T21:10:41+02:00
Remove two no-dsa items for nextcloud-desktop issues

- - - - -
fe717189 by Salvatore Bonaccorso at 2021-08-24T21:11:27+02:00
Track nextcloud-desktop in dsa-needed list

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -16712,8 +16712,6 @@ CVE-2021-32729 (XWiki Platform is a generic wiki platform offering runtime servi
 	NOT-FOR-US: XWiki
 CVE-2021-32728 (The Nextcloud Desktop Client is a tool to synchronize files from Nextc ...)
 	- nextcloud-desktop 3.3.1-1
-	[bullseye] - nextcloud-desktop <no-dsa> (Minor issue)
-	[buster] - nextcloud-desktop <no-dsa> (Minor issue)
 	NOTE: https://github.com/nextcloud/security-advisories/security/advisories/GHSA-f5fr-5gcv-6cc5
 	NOTE: https://github.com/nextcloud/desktop/pull/3338
 CVE-2021-32727 (Nextcloud Android Client is the Android client for Nextcloud. Clients  ...)
@@ -40835,8 +40833,6 @@ CVE-2021-22896 (Nextcloud Mail before 1.9.5 suffers from improper access control
 	NOT-FOR-US: Nextcloud Mail
 CVE-2021-22895 (Nextcloud Desktop Client before 3.3.1 is vulnerable to improper certif ...)
 	- nextcloud-desktop 3.3.1-1 (bug #989846)
-	[bullseye] - nextcloud-desktop <no-dsa> (Minor issue)
-	[buster] - nextcloud-desktop <no-dsa> (Minor issue)
 	NOTE: https://github.com/nextcloud/desktop/pull/2926
 	NOTE: https://github.com/nextcloud/desktop/commit/b1ddd0e491b2af0ed040e658d8bcde2a7a61c9fc (stable-3.1)
 	NOTE: https://github.com/nextcloud/security-advisories/security/advisories/GHSA-qpgp-vf4p-wcw5


=====================================
data/dsa-needed.txt
=====================================
@@ -31,6 +31,9 @@ linux (carnil)
 --
 ndpi
 --
+nextcloud-desktop
+  Maintainer prepared an update for bullseye, needs update for buster
+--
 nodejs (jmm)
 --
 puppetdb (jmm)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/297f44795a232e663caaf7c14c8835a783e8f03b...fe7171890596c9408e149e28214e64cb36eb96d7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/297f44795a232e663caaf7c14c8835a783e8f03b...fe7171890596c9408e149e28214e64cb36eb96d7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210824/f1fd050f/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list