[Git][security-tracker-team/security-tracker][master] bullseye triage
Moritz Muehlenhoff
jmm at debian.org
Sat Jan 9 23:35:34 GMT 2021
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0abec4fc by Moritz Mühlenhoff at 2021-01-10T00:35:19+01:00
bullseye triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -19364,6 +19364,7 @@ CVE-2018-21269 (checkpath in OpenRC through 0.42.1 might allow local users to ta
[stretch] - openrc <no-dsa> (Minor issue)
NOTE: https://github.com/OpenRC/openrc/issues/201
NOTE: http://michael.orlitzky.com/cves/cve-2018-21269.xhtml
+ NOTE: https://github.com/OpenRC/openrc/commit/b6fef599bf8493480664b766040fa9b0d4b1e335
CVE-2020-27734
RESERVED
CVE-2020-27733
@@ -72529,7 +72530,8 @@ CVE-2020-5967 (NVIDIA Linux GPU Display Driver, all versions, contains a vulnera
- nvidia-graphics-drivers-legacy-390xx 390.138-1 (bug #963908)
[buster] - nvidia-graphics-drivers-legacy-390xx 390.138-1~deb10u1
- nvidia-graphics-drivers-legacy-340xx <unfixed>
- [buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported)
+ [bullseye] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340)
+ [buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340)
[stretch] - nvidia-graphics-drivers-legacy-340xx <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-legacy-304xx <unfixed>
[stretch] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
@@ -72551,7 +72553,8 @@ CVE-2020-5963 (NVIDIA Windows GPU Display Driver, all versions, contains a vulne
- nvidia-graphics-drivers-legacy-390xx 390.138-1 (bug #963908)
[buster] - nvidia-graphics-drivers-legacy-390xx 390.138-1~deb10u1
- nvidia-graphics-drivers-legacy-340xx <unfixed>
- [buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported)
+ [bullseye] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340)
+ [buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340)
[stretch] - nvidia-graphics-drivers-legacy-340xx <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-legacy-304xx <unfixed>
[stretch] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported)
@@ -181087,7 +181090,8 @@ CVE-2018-6260 (NVIDIA graphics driver contains a vulnerability that may allow ac
- nvidia-graphics-drivers-legacy-390xx 390.116-1
[buster] - nvidia-graphics-drivers-legacy-390xx <no-dsa> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx <unfixed>
- [buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported)
+ [bullseye] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340)
+ [buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340)
[stretch] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported)
- nvidia-graphics-drivers-legacy-304xx <unfixed>
[stretch] - nvidia-graphics-drivers-legacy-304xx <ignored> (Non-free not supported)
@@ -181112,6 +181116,7 @@ CVE-2018-6253 (NVIDIA GPU Display Driver contains a vulnerability in the DirectX
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[wheezy] - nvidia-graphics-drivers <end-of-life> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx <unfixed>
+ [bullseye] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340)
[buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340)
[stretch] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported)
- nvidia-graphics-drivers-legacy-304xx <unfixed>
@@ -181130,6 +181135,7 @@ CVE-2018-6249 (NVIDIA GPU Display Driver contains a vulnerability in kernel mode
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[wheezy] - nvidia-graphics-drivers <end-of-life> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx <unfixed>
+ [bullseye] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340)
[buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340)
[stretch] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported)
- nvidia-graphics-drivers-legacy-304xx <unfixed>
@@ -233039,6 +233045,7 @@ CVE-2017-6272 (NVIDIA GPU Display Driver contains a vulnerability in the kernel
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[wheezy] - nvidia-graphics-drivers <end-of-life> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx <unfixed>
+ [bullseye] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340)
[buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340)
[stretch] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported)
- nvidia-graphics-drivers-legacy-304xx <unfixed>
@@ -233060,6 +233067,7 @@ CVE-2017-6267 (NVIDIA GPU Display Driver contains a vulnerability in the kernel
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[wheezy] - nvidia-graphics-drivers <end-of-life> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx <unfixed>
+ [bullseye] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340)
[buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340)
[stretch] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported)
- nvidia-graphics-drivers-legacy-304xx <unfixed>
@@ -233073,6 +233081,7 @@ CVE-2017-6266 (NVIDIA GPU Display Driver contains a vulnerability in the kernel
[jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[wheezy] - nvidia-graphics-drivers <end-of-life> (Non-free not supported)
- nvidia-graphics-drivers-legacy-340xx <unfixed>
+ [bullseye] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340)
[buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340)
[stretch] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported)
- nvidia-graphics-drivers-legacy-304xx <unfixed>
@@ -350788,6 +350797,7 @@ CVE-2013-0338 (libxml2 2.9.0 and earlier allows context-dependent attackers to c
- libxml2 2.8.0+dfsg1-7+nmu1 (bug #702260)
CVE-2013-0337 (The default configuration of nginx, possibly 1.3.13 and earlier, uses ...)
- nginx <unfixed> (low; bug #701112)
+ [bullseye] - nginx <ignored> (Minor issue)
[buster] - nginx <ignored> (Minor issue)
[stretch] - nginx <ignored> (Minor issue)
[jessie] - nginx <ignored> (Minor issue)
@@ -365368,13 +365378,8 @@ CVE-2012-1097 (The regset (aka register set) feature in the Linux kernel before
{DSA-2443-1}
- linux-2.6 3.2.10-1 (low)
CVE-2012-1096 (NetworkManager 0.9 and earlier allows local users to use other users' ...)
- - network-manager <unfixed> (low; bug #684259)
- [buster] - network-manager <ignored> (Minor issue)
- [stretch] - network-manager <ignored> (Minor issue)
- [jessie] - network-manager <ignored> (Minor issue)
- [wheezy] - network-manager <ignored> (Minor issue)
- [squeeze] - network-manager <no-dsa> (Minor issue)
- NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=793329
+ NOTE: Design limitation, not treated as a security issue by upstream:
+ NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=793329#c1
CVE-2012-1095 (osc before 0.134 might allow remote OBS repository servers or package ...)
- osc 0.134.0-1 (unimportant)
NOTE: This is ultimately a bug in the respectice terminal emulations and not a vulnerability in osc
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0abec4fcd17dd321a1cb505b1a2b6f7926fd51d4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0abec4fcd17dd321a1cb505b1a2b6f7926fd51d4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210109/9bf65230/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list