[Git][security-tracker-team/security-tracker][master] bullseye triage

Moritz Muehlenhoff jmm at debian.org
Fri Jan 29 19:41:53 GMT 2021 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8970a0ae by Moritz Muehlenhoff at 2021-01-29T20:41:30+01:00
bullseye triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -99381,7 +99381,7 @@ CVE-2019-17384 (The animate-it plugin before 2.3.4 for WordPress has XSS. ...)
 CVE-2019-17383 (The netaddr gem before 2.0.4 for Ruby has misconfigured file permissio ...)
 	- ruby-netaddr <not-affected> (Upstream packaging issue)
 CVE-2019-17382 (An issue was discovered in zabbix.php?action=dashboard.view&dashbo ...)
-	- zabbix <unfixed>
+	- zabbix 1:5.0.0+dfsg-1
 	[buster] - zabbix <no-dsa> (Minor issue)
 	[stretch] - zabbix <ignored> (Minor issue, no patch, guest accounts can be disabled)
 	[jessie] - zabbix <no-dsa> (Minor issue, guest accounts can be disabled)
@@ -105918,7 +105918,7 @@ CVE-2019-15133 (In GIFLIB before 2019-02-16, a malformed GIF file triggers a div
 	NOTE: https://sourceforge.net/p/giflib/code/ci/799eb6a3af8a3dd81e2429bf11a72a57e541f908/
 	NOTE: https://sourceforge.net/p/giflib/bugs/119/
 CVE-2019-15132 (Zabbix through 4.4.0alpha1 allows User Enumeration. With login request ...)
-	- zabbix <unfixed> (bug #935027)
+	- zabbix 1:5.0.0+dfsg-1 (bug #935027)
 	[buster] - zabbix <no-dsa> (Minor issue)
 	[stretch] - zabbix <no-dsa> (Minor issue)
 	[jessie] - zabbix <postponed> (Minor issue)
@@ -127925,7 +127925,7 @@ CVE-2019-8415
 CVE-2019-8414
 	RESERVED
 CVE-2013-7469 (Seafile through 6.2.11 always uses the same Initialization Vector (IV) ...)
-	- seafile <unfixed> (bug #923009)
+	- seafile 7.0.2-1 (bug #923009)
 	[buster] - seafile <ignored> (Minor issue)
 	NOTE: https://github.com/haiwen/seafile/issues/350
 CVE-2019-8413 (On Xiaomi MIX 2 devices with the 4.4.78 kernel, a NULL pointer derefer ...)
@@ -356815,6 +356815,7 @@ CVE-2013-0343 (The ipv6_create_tempaddr function in net/ipv6/addrconf.c in the L
 	- linux-2.6 <removed> (low)
 CVE-2013-0342 (The CreateID function in packet.py in pyrad before 2.1 uses sequential ...)
 	- pyrad <unfixed> (low; bug #701151)
+	[bullseye] - pyrad <ignored> (Minor issue)
 	[buster] - pyrad <ignored> (Minor issue)
 	[stretch] - pyrad <ignored> (Minor issue)
 	[jessie] - pyrad <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8970a0ae2aa8133be66402ea43dc6b82d6a0534c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8970a0ae2aa8133be66402ea43dc6b82d6a0534c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210129/15094f4a/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list