[Git][security-tracker-team/security-tracker][master] Add new salt issues from 25th february advisory

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
003e1ea6 by Salvatore Bonaccorso at 2021-02-27T11:09:30+01:00
Add new salt issues from 25th february advisory

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5095,7 +5095,8 @@ CVE-2020-36201 (An issue was discovered in certain Xerox WorkCentre products. Th
 CVE-2019-25015 (LuCI in OpenWrt 18.06.0 through 18.06.4 allows stored XSS via a crafte ...)
 	NOT-FOR-US: LuCI in OpenWrt
 CVE-2021-3197 (An issue was discovered in SaltStack Salt before 3002.5. The salt-api' ...)
-	TODO: check
+	- salt <unfixed>
+	NOTE: https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
 CVE-2021-3196
 	RESERVED
 CVE-2021-3195 (** DISPUTED ** bitcoind in Bitcoin Core through 0.21.0 can create a ne ...)
@@ -6009,13 +6010,17 @@ CVE-2021-25286
 CVE-2021-25285
 	RESERVED
 CVE-2021-25284 (An issue was discovered in through SaltStack Salt before 3002.5. salt. ...)
-	TODO: check
+	- salt <unfixed>
+	NOTE: https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
 CVE-2021-25283 (An issue was discovered in through SaltStack Salt before 3002.5. The j ...)
-	TODO: check
+	- salt <unfixed>
+	NOTE: https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
 CVE-2021-25282 (An issue was discovered in through SaltStack Salt before 3002.5. The s ...)
-	TODO: check
+	- salt <unfixed>
+	NOTE: https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
 CVE-2021-25281 (An issue was discovered in through SaltStack Salt before 3002.5. salt- ...)
-	TODO: check
+	- salt <unfixed>
+	NOTE: https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
 CVE-2021-XXXX [Unexpected database bindings via requests (follow-up)]
 	- php-laravel-framework 6.20.14+dfsg-1
 	NOTE: https://github.com/laravel/framework/security/advisories/GHSA-x7p5-p2c9-phvg
@@ -6231,7 +6236,8 @@ CVE-2021-3150
 CVE-2021-3149 (On Netshield NANO 25 10.2.18 devices, /usr/local/webmin/System/manual_ ...)
 	NOT-FOR-US: Netshield NANO devices
 CVE-2021-3148 (An issue was discovered in SaltStack Salt before 3002.5. Sending craft ...)
-	TODO: check
+	- salt <unfixed>
+	NOTE: https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
 CVE-2021-3147
 	RESERVED
 CVE-2021-25196
@@ -8410,7 +8416,8 @@ CVE-2021-3146
 CVE-2021-3145
 	RESERVED
 CVE-2021-3144 (In SaltStack Salt before 3002.5, eauth tokens can be used once after e ...)
-	TODO: check
+	- salt <unfixed>
+	NOTE: https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25/
 CVE-2021-3143
 	RESERVED
 CVE-2021-3142



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/003e1ea6f738b1062fb06b7168fd1606cf1c42e9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/003e1ea6f738b1062fb06b7168fd1606cf1c42e9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210227/8fe2eef0/attachment.htm>