[Git][security-tracker-team/security-tracker][master] 4 commits: mark CVE-2021-36377 as no-dsa for Stretch
Thorsten Alteholz (@alteholz)
alteholz at debian.org
Fri Jul 23 10:59:01 BST 2021
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
eefb3132 by Thorsten Alteholz at 2021-07-23T11:58:41+02:00
mark CVE-2021-36377 as no-dsa for Stretch
- - - - -
ba3b7722 by Thorsten Alteholz at 2021-07-23T11:58:43+02:00
mark CVE-2021-32746 as no-dsa for Stretch
- - - - -
74d74e4f by Thorsten Alteholz at 2021-07-23T11:58:44+02:00
mark CVE-2021-32747 as no-dsa for Stretch
- - - - -
f24658bd by Thorsten Alteholz at 2021-07-23T11:58:45+02:00
mark CVE-2021-3618 as no-dsa for Stretch
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2200,6 +2200,7 @@ CVE-2021-36378
CVE-2021-36377 (Fossil before 2.14.2 and 2.15.x before 2.15.2 often skips the hostname ...)
- fossil 1:2.15.2-1
[buster] - fossil <no-dsa> (Minor issue)
+ [stretch] - fossil <no-dsa> (Minor issue)
NOTE: https://fossil-scm.org/forum/forumpost/8d367e16f53d93c789d70bd3bf2c9587227bbd5c6a7b8e512cccd79007536036
CVE-2021-36376 (dandavison delta before 0.8.3 on Windows resolves an executable's path ...)
NOT-FOR-US: dandavison delta
@@ -4269,13 +4270,16 @@ CVE-2021-3618
- nginx <unfixed> (bug #991328)
[bullseye] - nginx <no-dsa> (Minor issue)
[buster] - nginx <no-dsa> (Minor issue)
+ [stretch] - nginx <no-dsa> (Minor issue)
- vsftpd <unfixed> (bug #991329)
[bullseye] - vsftpd <no-dsa> (Minor issue)
[buster] - vsftpd <no-dsa> (Minor issue)
+ [stretch] - vsftpd <no-dsa> (Minor issue)
[experimental] - sendmail 8.16.1-1
- sendmail <unfixed> (bug #991331)
[bullseye] - sendmail <no-dsa> (Minor issue)
[buster] - sendmail <no-dsa> (Minor issue)
+ [stretch] - sendmail <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1975623
NOTE: https://alpaca-attack.com/
NOTE: Generic TLS protocol issue, some applications have released mitigations:
@@ -10510,12 +10514,14 @@ CVE-2021-32747 (Icinga Web 2 is an open source monitoring web interface, framewo
[experimental] - icingaweb2 2.8.3-1~exp1
- icingaweb2 <unfixed> (bug #991116)
[buster] - icingaweb2 <no-dsa> (Minor issue)
+ [stretch] - icingaweb2 <no-dsa> (Minor issue)
NOTE: https://github.com/Icinga/icingaweb2/security/advisories/GHSA-2xv9-886q-p7xx
NOTE: https://github.com/Icinga/icingaweb2/commit/ffe8741c66af6ea085514a35ec878093b991875c (v2.8.3)
CVE-2021-32746 (Icinga Web 2 is an open source monitoring web interface, framework and ...)
[experimental] - icingaweb2 2.8.3-1~exp1
- icingaweb2 <unfixed> (bug #991116)
[buster] - icingaweb2 <no-dsa> (Minor issue)
+ [stretch] - icingaweb2 <no-dsa> (Minor issue)
NOTE: https://github.com/Icinga/icingaweb2/security/advisories/GHSA-cmgc-h4cx-3v43
NOTE: https://github.com/Icinga/icingaweb2/commit/80875d91bbfa52553fe7bb2c1a32a9814880d9c1 (v2.8.3)
CVE-2021-32745 (Collabora Online is a collaborative online office suite. A reflected X ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/85f266758683d334c98eec762039363b55d77a68...f24658bd6554e7408df3464078c7dfbdd4ce2053
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/85f266758683d334c98eec762039363b55d77a68...f24658bd6554e7408df3464078c7dfbdd4ce2053
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210723/eef1a11c/attachment.htm>
More information about the debian-security-tracker-commits
mailing list