[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jul 8 09:10:27 BST 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2b503c00 by security tracker role at 2021-07-08T08:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,37 @@
+CVE-2021-3638
+	RESERVED
+CVE-2021-36235
+	RESERVED
+CVE-2021-36234
+	RESERVED
+CVE-2021-36233
+	RESERVED
+CVE-2021-36232
+	RESERVED
+CVE-2021-36231
+	RESERVED
+CVE-2021-36230
+	RESERVED
+CVE-2021-36229
+	RESERVED
+CVE-2021-36228
+	RESERVED
+CVE-2021-36227
+	RESERVED
+CVE-2021-36226
+	RESERVED
+CVE-2021-36225
+	RESERVED
+CVE-2021-36224
+	RESERVED
+CVE-2021-36223
+	RESERVED
+CVE-2021-36222
+	RESERVED
+CVE-2021-36221
+	RESERVED
+CVE-2021-36220
+	RESERVED
 CVE-2021-36219
 	RESERVED
 CVE-2021-36218
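Review bot: CVE-2021-3638 is inserted at the very top of the file, above CVE-2021-36235, while every other entry in this hunk runs in descending numeric order (36235 down to 36218). If the list is meant to be sorted numerically, the four-digit ID belongs much further down. If the ordering is by string comparison instead, that is worth documenting so the placement is not mistaken for an error.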
@@ -4019,8 +4053,8 @@ CVE-2021-34432
 	RESERVED
 CVE-2021-34431
 	RESERVED
-CVE-2021-34430
-	RESERVED
+CVE-2021-34430 (Eclipse TinyDTLS through 0.9-rc1 relies on the rand function in the C  ...)
+	TODO: check
 CVE-2021-34429
 	RESERVED
 CVE-2021-34428 (For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, i ...)
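Review bot: CVE-2021-34430 now carries a description, but its status line is only "TODO: check", so the entry is still untriaged. The text names Eclipse TinyDTLS through 0.9-rc1 and its reliance on the C rand function. The follow-up should replace the TODO with either a package line or a NOT-FOR-US line, in the form the other entries in this file use.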
@@ -7931,10 +7965,10 @@ CVE-2021-32717 (Shopware is an open source eCommerce platform. In versions prior
 	NOT-FOR-US: Shopware
 CVE-2021-32716 (Shopware is an open source eCommerce platform. In versions prior to 6. ...)
 	NOT-FOR-US: Shopware
-CVE-2021-32715
-	RESERVED
-CVE-2021-32714
-	RESERVED
+CVE-2021-32715 (hyper is an HTTP library for rust. hyper's HTTP/1 server code had a fl ...)
+	TODO: check
+CVE-2021-32714 (hyper is an HTTP library for Rust. In versions prior to 0.14.10, hyper ...)
+	TODO: check
 CVE-2021-32713 (Shopware is an open source eCommerce platform. Versions prior to 5.6.1 ...)
 	NOT-FOR-US: Shopware
 CVE-2021-32712 (Shopware is an open source eCommerce platform. Versions prior to 5.6.1 ...)
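Review bot: the two hyper entries (CVE-2021-32715 and CVE-2021-32714) sit in the middle of a run of Shopware NOT-FOR-US entries and both carry "TODO: check", so they need their own triage rather than being read as part of the Shopware block. The truncated text for CVE-2021-32714 gives "versions prior to 0.14.10", but the cut-off text for CVE-2021-32715 shows no version. The affected range for that one has to be taken from the full description before a status is set.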
@@ -34031,8 +34065,8 @@ CVE-2021-21809 (A command execution vulnerability exists in the default legacy s
 	NOT-FOR-US: Moodle plugin
 CVE-2021-21808 (A memory corruption vulnerability exists in the PNG png_palette_proces ...)
 	NOT-FOR-US: Accusoft ImageGear
-CVE-2021-21807
-	RESERVED
+CVE-2021-21807 (An integer overflow vulnerability exists in the DICOM parse_dicom_meta ...)
+	TODO: check
 CVE-2021-21806
 	RESERVED
 CVE-2021-21805
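Review bot: the description added for CVE-2021-21807 is cut off at "DICOM parse_dicom_meta ..." before any product name appears, so the "TODO: check" cannot be resolved from this line alone. The preceding entry is NOT-FOR-US: Accusoft ImageGear, but adjacency is not evidence of the same product. Triage should confirm the affected software against the full CVE text.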
@@ -34097,8 +34131,8 @@ CVE-2021-21777 (An information disclosure vulnerability exists in the Ethernet/I
 	NOT-FOR-US: EIP Stack Group OpENer
 CVE-2021-21776 (An out-of-bounds write vulnerability exists in the SGI Format Buffer S ...)
 	NOT-FOR-US: ImageGear
-CVE-2021-21775
-	RESERVED
+CVE-2021-21775 (A use-after-free vulnerability exists in the way certain events are pr ...)
+	TODO: check
 CVE-2021-21774
 	RESERVED
 CVE-2021-21773 (An out-of-bounds write vulnerability exists in the TIFF header count-p ...)
@@ -453738,7 +453772,7 @@ CVE-2008-1880 (The default configuration of Firebird before 2.0.3.12981.0-r6 on
 	NOTE: on debian after the installation firebird2.0-super is disabled, to enable it
 	NOTE: you need to call dpkg-reconfigure
 CVE-2008-1879
-	RESERVED
+	REJECTED
 CVE-2007-6715 (Mozilla Firefox allows remote attackers to cause a denial of service ( ...)
 	- iceweasel <removed> (unimportant)
 	NOTE: browser dos not treated as security issues
@@ -463344,7 +463378,7 @@ CVE-2007-5004 (Integer overflow in CA (Computer Associates) BrightStor ARCserve
 CVE-2007-5003 (Multiple stack-based buffer overflows in CA (Computer Associates) Brig ...)
 	NOT-FOR-US: CA ARCserve Backup
 CVE-2007-5002
-	RESERVED
+	REJECTED
 CVE-2007-5001 (Linux kernel before 2.4.21 allows local users to cause a denial of ser ...)
 	- linux-2.6 <not-affected> (RedHat/RHEL3 specific patch only)
 CVE-2007-5000 (Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b503c00a357691cd8babbc872beff09be20ef87
