[Git][security-tracker-team/security-tracker][master] 2 commits: Process one NFU

Wed Jan 27 20:19:17 GMT 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
da96a541 by Salvatore Bonaccorso at 2021-01-27T21:18:29+01:00
Process one NFU

- - - - -
9725cc58 by Salvatore Bonaccorso at 2021-01-27T21:18:43+01:00
Add CVE-2021-3272/jasper

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2021-3325 (Monitorix 3.13.0 allows remote attackers to bypass Basic Authenticatio ...)
-	TODO: check
+	NOT-FOR-US: Monitorix
 CVE-2021-3324
 	RESERVED
 CVE-2021-3323
@@ -958,7 +958,8 @@ CVE-2021-3274
 CVE-2021-3273
 	RESERVED
 CVE-2021-3272 (jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-b ...)
-	TODO: check
+	- jasper <removed>
+	NOTE: https://github.com/jasper-software/jasper/issues/259
 CVE-2021-3271 (PressBooks 5.17.3 contains a cross-site scripting (XSS). Stored XSS ca ...)
 	NOT-FOR-US: PressBooks
 CVE-2021-3270



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/68406f4bcf62045525130d892146e20fecf005d4...9725cc58a14bb4aa997865729a241b7e6bdf328b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/68406f4bcf62045525130d892146e20fecf005d4...9725cc58a14bb4aa997865729a241b7e6bdf328b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210127/14942f97/attachment.html>
