[Git][security-tracker-team/security-tracker][master] Move source package listings before notes
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jul 20 16:27:33 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1c8036cd by Salvatore Bonaccorso at 2021-07-20T15:54:18+02:00
Move source package listings before notes
Not a technical requirement, just more for reading flow.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3362,6 +3362,15 @@ CVE-2021-35475 (SAS Environment Manager 2.5 allows XSS through the Name field wh
NOT-FOR-US: SAS Environment Manager
CVE-2021-3618
RESERVED
+ - nginx <unfixed>
+ [bullseye] - nginx <no-dsa> (Minor issue)
+ [buster] - nginx <no-dsa> (Minor issue)
+ - vsftpd <unfixed>
+ [bullseye] - vsftpd <no-dsa> (Minor issue)
+ [buster] - vsftpd <no-dsa> (Minor issue)
+ - sendmail <unfixed>
+ [bullseye] - sendmail <no-dsa> (Minor issue)
+ [buster] - sendmail <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1975623
NOTE: https://alpaca-attack.com/
NOTE: Generic TLS protocol issue, some applications have released mitigations:
@@ -3372,15 +3381,6 @@ CVE-2021-3618
NOTE: * Add ssl_sni_hostname option to require a match on incoming SNI hostname.
NOTE: sendmail: Fixed in 3.16.1: https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
NOTE: exim4 has config option: https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
- - nginx <unfixed>
- [bullseye] - nginx <no-dsa> (Minor issue)
- [buster] - nginx <no-dsa> (Minor issue)
- - vsftpd <unfixed>
- [bullseye] - vsftpd <no-dsa> (Minor issue)
- [buster] - vsftpd <no-dsa> (Minor issue)
- - sendmail <unfixed>
- [bullseye] - sendmail <no-dsa> (Minor issue)
- [buster] - sendmail <no-dsa> (Minor issue)
CVE-2021-3617
RESERVED
CVE-2021-3616
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c8036cde685955d7e5d56d5e94ce9cd43510828
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c8036cde685955d7e5d56d5e94ce9cd43510828
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210720/6bbdb45a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list