[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f25c58c7 by security tracker role at 2021-01-19T08:10:18+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,27 @@
+CVE-2021-3179
+	RESERVED
+CVE-2021-3178 (** DISPUTED ** fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, w ...)
+	TODO: check
+CVE-2021-3177 (Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctyp ...)
+	TODO: check
+CVE-2021-3176
+	RESERVED
+CVE-2021-3175
+	RESERVED
+CVE-2021-25312
+	RESERVED
+CVE-2021-25311
+	RESERVED
+CVE-2021-25310
+	RESERVED
+CVE-2021-25309
+	RESERVED
+CVE-2021-25308
+	RESERVED
+CVE-2021-25307
+	RESERVED
+CVE-2021-25306
+	RESERVED
 CVE-2021-3174
 	RESERVED
 CVE-2021-25305
@@ -11104,8 +11128,8 @@ CVE-2021-20621
 	RESERVED
 CVE-2021-20620
 	RESERVED
-CVE-2021-20619
-	RESERVED
+CVE-2021-20619 (Cross-site scripting vulnerability in GROWI (v4.2 Series) versions pri ...)
+	TODO: check
 CVE-2021-20618 (Privilege chaining vulnerability in acmailer ver. 4.0.2 and earlier, a ...)
 	NOT-FOR-US: acmailer
 CVE-2021-20617 (Improper access control vulnerability in acmailer ver. 4.0.1 and earli ...)
@@ -15714,8 +15738,8 @@ CVE-2020-29452
 	RESERVED
 CVE-2020-29451
 	RESERVED
-CVE-2020-29450
-	RESERVED
+CVE-2020-29450 (Affected versions of Atlassian Confluence Server and Data Center allow ...)
+	TODO: check
 CVE-2020-29449
 	RESERVED
 CVE-2020-29448
@@ -16827,7 +16851,7 @@ CVE-2020-28951 (libuci in OpenWrt before 18.06.9 and 19.x before 19.07.5 may enc
 	NOT-FOR-US: libuci in OpenWrt
 CVE-2020-28950 (The installer of Kaspersky Anti-Ransomware Tool (KART) prior to KART 4 ...)
 	NOT-FOR-US: installer of Kaspersky Anti-Ransomware Tool (KART)
-CVE-2020-36193 [Disallow symlinks to out-of-path filenames]
+CVE-2020-36193 (Tar.php in Archive_Tar through 1.4.11 allows write operations with Dir ...)
 	- php-pear <unfixed> (bug #980428)
 	NOTE: https://github.com/pear/Archive_Tar/commit/cde460582ff389404b5b3ccb59374e9b389de916
 CVE-2020-28949 (Archive_Tar through 1.4.10 has :// filename sanitization only to addre ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f25c58c72bd1d696e976e5dcb32791b93a4ca334

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f25c58c72bd1d696e976e5dcb32791b93a4ca334
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210119/9385fc3c/attachment.html>