[Git][security-tracker-team/security-tracker][master] Add CVE-2021-21236/cairosvg
Salvatore Bonaccorso
carnil at debian.org
Fri Jan 8 20:23:18 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7029c19a by Salvatore Bonaccorso at 2021-01-08T21:22:20+01:00
Add CVE-2021-21236/cairosvg
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5382,7 +5382,9 @@ CVE-2021-21238
CVE-2021-21237
RESERVED
CVE-2021-21236 (CairoSVG is a Python (pypi) package. CairoSVG is an SVG converter base ...)
- TODO: check
+ - cairosvg <unfixed>
+ NOTE: https://github.com/Kozea/CairoSVG/security/advisories/GHSA-hq37-853p-g5cf
+ NOTE: https://github.com/Kozea/CairoSVG/commit/063185b60588a41d4df661ad70f9f7b699901abc (2.5.1)
CVE-2021-21235 (kamadak-exif is an exif parsing library written in pure Rust. In kamad ...)
- rust-kamadak-exif <unfixed>
NOTE: https://github.com/kamadak/exif-rs/security/advisories/GHSA-px9g-8hgv-jvg2
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7029c19a8e8a2a7c888735bf317db00c9f797e27
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7029c19a8e8a2a7c888735bf317db00c9f797e27
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210108/eff94ba2/attachment.html>
More information about the debian-security-tracker-commits
mailing list