[Git][security-tracker-team/security-tracker][master] new postgres issues, older releases still TBD

Thu Feb 11 12:09:24 GMT 2021


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8574428d by Moritz Muehlenhoff at 2021-02-11T13:08:56+01:00
new postgres issues, older releases still TBD

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1284,8 +1284,9 @@ CVE-2021-3395 (A cross-site scripting (XSS) vulnerability in Pryaniki 6.44.3 all
 	NOT-FOR-US: Pryaniki
 CVE-2021-3394 (Millennium Millewin (also known as "Cartella clinica") 13.39.028, 13.3 ...)
 	NOT-FOR-US: Millennium Millewin
-CVE-2021-3393
+CVE-2021-3393 [postgres: information leak in error message]
 	RESERVED
+	- postgresql-13 13.2-1
 CVE-2021-3392 [scsi: mptsas: use-after-free while processing io requests]
 	RESERVED
 	- qemu <unfixed>
@@ -16657,8 +16658,9 @@ CVE-2021-20230 [client certificate not correctly verified when redirect and veri
 	- stunnel4 <unfixed>
 	NOTE: https://github.com/mtrojnar/stunnel/commit/ebad9ddc4efb2635f37174c9d800d06206f1edf9
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1925226
-CVE-2021-20229
+CVE-2021-20229 [postgres: information leak in some select statements]
 	RESERVED
+	- postgresql-13 13.2-1
 CVE-2021-20228 [basic.py no_log with fallback option]
 	RESERVED
 	- ansible <unfixed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8574428d39109733f63ab5acda39b9d5a85a2566

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8574428d39109733f63ab5acda39b9d5a85a2566
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210211/2858ee34/attachment.html>
