[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2021-21252 also affects civicrm and otrs2

David Prévot taffit at debian.org
Sat Jan 23 23:00:51 GMT 2021 


David Prévot pushed to branch master at Debian Security Tracker / security-tracker


Commits:
796ccbe1 by David Prévot at 2021-01-23T18:57:44-04:00
CVE-2021-21252 also affects civicrm and otrs2

- - - - -
8e5e5ab1 by David Prévot at 2021-01-23T19:00:32-04:00
CVE-2021-21263 also affects php-illuminate-database

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1828,6 +1828,7 @@ CVE-2021-25281
 	RESERVED
 CVE-2021-21263 (Laravel is a web application framework. Versions of Laravel before 6.2 ...)
 	- php-laravel-framework 6.20.11+dfsg-1 (bug #980095)
+	- php-illuminate-database <unfixed> (bug #980899)
 	NOTE: https://blog.laravel.com/security-laravel-62011-7302-8221-released
 	NOTE: https://github.com/laravel/framework/security/advisories/GHSA-3p32-j457-pg5x
 	NOTE: https://github.com/laravel/framework/pull/35865
@@ -11421,9 +11422,11 @@ CVE-2021-21254
 CVE-2021-21253 (OnlineVotingSystem is an open source project hosted on GitHub. OnlineV ...)
 	NOT-FOR-US: OnlineVotingSystem
 CVE-2021-21252 (The jQuery Validation Plugin provides drop-in validation for your exis ...)
+	- civicrm <unfixed> (bug #980892)
+	- otrs2 <unfixed> (bug #980891)
 	- phpmyadmin 4:5.0.4+dfsg2-2
 	NOTE: https://github.com/jquery-validation/jquery-validation/security/advisories/GHSA-jxwx-85vp-gvwm
-	NOTE: not packaged, but phpmyadmin embeds a copy
+	NOTE: not packaged, but civicrm, otrs2, and phpmyadmin embed a copy
 	NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/401eedd288c4e83d69287b97a9f574f231156171
 CVE-2021-21251 (OneDev is an all-in-one devops platform. In OneDev before version 4.0. ...)
 	NOT-FOR-US: OneDev



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2ea0977a29a10ec6a4d7e1b90243061212b74099...8e5e5ab1f60e5b3942f7432e7d0d776caed16224

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2ea0977a29a10ec6a4d7e1b90243061212b74099...8e5e5ab1f60e5b3942f7432e7d0d776caed16224
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210123/c3a5b37c/attachment.html>

More information about the debian-security-tracker-commits mailing list