[Git][security-tracker-team/security-tracker][master] bullseye triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Jul 23 16:30:25 BST 2021
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5df7f6a9 by Moritz Muehlenhoff at 2021-07-23T17:29:41+02:00
bullseye triage
mosquitto CVEfied
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -905,6 +905,8 @@ CVE-2021-36977 (matio (aka MAT File I/O Library) 1.5.20 and 1.5.21 has a heap-ba
NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/matio/OSV-2021-440.yaml
CVE-2021-36976 (libarchive 3.4.1 through 3.5.1 has a use-after-free in copy_string (ca ...)
- libarchive <unfixed>
+ [bullseye] - libarchive <no-dsa> (Minor issue)
+ [buster] - libarchive <no-dsa> (Minor issue)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32375
NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libarchive/OSV-2021-557.yaml
CVE-2021-36975
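Review bot: The new `[buster] - libarchive <no-dsa>` line under CVE-2021-36976 should be checked against the affected range in the description, which is 3.4.1 through 3.5.1. `<no-dsa>` records the release as vulnerable but not worth an advisory; if the buster package predates 3.4.1, `<not-affected>` with a "Vulnerable code introduced later" style reason would be the accurate state, as the libmatio entry under CVE-2020-36428 does for buster and stretch.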
@@ -1259,6 +1261,7 @@ CVE-2020-36429 (Variant_encodeJson in open62541 1.x before 1.0.4 has an out-of-b
NOT-FOR-US: open62541
CVE-2020-36428 (matio (aka MAT File I/O Library) 1.5.18 through 1.5.21 has a heap-base ...)
- libmatio <unfixed> (bug #991370)
+ [bullseye] - libmatio <no-dsa> (Minor issue)
[buster] - libmatio <not-affected> (Vulnerable code not present, introduced in 1.5.18)
[stretch] - libmatio <not-affected> (Vulnerable code not present, introduced in 1.5.18)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=21421
@@ -1359,7 +1362,9 @@ CVE-2021-36774
RESERVED
CVE-2021-36773 (uBlock Origin before 1.36.2 and nMatrix before 4.4.9 support an arbitr ...)
- ublock-origin <unfixed> (bug #991386)
+ [buster] - ublock-origin <no-dsa> (Minor issue)
- umatrix <unfixed> (bug #991344)
+ [buster] - umatrix <no-dsa> (Minor issue)
NOTE: https://github.com/vtriolet/writings/blob/main/posts/2021/ublock_origin_and_umatrix_denial_of_service.adoc
CVE-2021-36772 (Zoho ManageEngine ADManager Plus before 7110 allows stored XSS. ...)
NOT-FOR-US: Zoho
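Review bot: Under CVE-2021-36773 only `[buster]` lines are added for ublock-origin and umatrix, although the commit is titled "bullseye triage" and most other hunks add a `[bullseye]` line. Both packages stay `<unfixed>` with open bugs (#991386, #991344), so bullseye is left without a triage decision here. If that is deliberate, a NOTE line saying why would keep the next triager from repeating the check.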
@@ -2508,10 +2513,10 @@ CVE-2020-36417
CVE-2021-3638 [ati-vga: inconsistent check in ati_2d_blt() may lead to out-of-bounds write]
RESERVED
- qemu <unfixed>
+ [bullseye] - qemu <no-dsa> (Minor issue)
[buster] - qemu <not-affected> (Vulnerable code introduced in ATI VGA device emulation added later)
[stretch] - qemu <not-affected> (Vulnerable code introduced in ATI VGA device emulation added later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1979858
- TODO: check details, similar to CVE-2020-11869, CVE-2020-24352 and CVE-2020-27616
CVE-2021-36235
RESERVED
CVE-2021-36234
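Review bot: The removed `TODO: check details, similar to CVE-2020-11869, CVE-2020-24352 and CVE-2020-27616` line under CVE-2021-3638 was the only pointer to the related CVEs. Dropping the TODO marker is right once the check is done, but the cross-reference is worth keeping as a NOTE line, and the new `[bullseye] - qemu <no-dsa>` reason could state what the check concluded instead of the generic "Minor issue".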
@@ -2835,6 +2840,7 @@ CVE-2021-3632
NOT-FOR-US: Keycloak
CVE-2021-36090 (When reading a specially crafted ZIP archive, Compress can be made to ...)
- libcommons-compress-java <unfixed> (bug #991041)
+ [bullseye] - libcommons-compress-java <no-dsa> (Minor issue)
[buster] - libcommons-compress-java <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2021/07/13/4
CVE-2020-36416 (A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 ...)
@@ -2863,6 +2869,7 @@ CVE-2021-36088 (Fluent Bit (aka fluent-bit) 1.7.0 through 1.7,4 has a double fre
NOT-FOR-US: Fluent Bit
CVE-2021-36087 (The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in e ...)
- libsepol <unfixed> (bug #990526)
+ [bullseye] - libsepol <no-dsa> (Minor issue)
[buster] - libsepol <no-dsa> (Minor issue)
[stretch] - libsepol <no-dsa> (Minor issue)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675
@@ -2870,6 +2877,7 @@ CVE-2021-36087 (The CIL compiler in SELinux 3.2 has a heap-based buffer over-rea
NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml
CVE-2021-36086 (The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_clas ...)
- libsepol <unfixed> (bug #990526)
+ [bullseye] - libsepol <no-dsa> (Minor issue)
[buster] - libsepol <no-dsa> (Minor issue)
[stretch] - libsepol <no-dsa> (Minor issue)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177
@@ -2877,6 +2885,7 @@ CVE-2021-36086 (The CIL compiler in SELinux 3.2 has a use-after-free in cil_rese
NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml
CVE-2021-36085 (The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_c ...)
- libsepol <unfixed> (bug #990526)
+ [bullseye] - libsepol <no-dsa> (Minor issue)
[buster] - libsepol <no-dsa> (Minor issue)
[stretch] - libsepol <no-dsa> (Minor issue)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124
@@ -2884,6 +2893,7 @@ CVE-2021-36085 (The CIL compiler in SELinux 3.2 has a use-after-free in __cil_ve
NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml
CVE-2021-36084 (The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_c ...)
- libsepol <unfixed> (bug #990526)
+ [bullseye] - libsepol <no-dsa> (Minor issue)
[buster] - libsepol <no-dsa> (Minor issue)
[stretch] - libsepol <no-dsa> (Minor issue)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065
@@ -2905,6 +2915,7 @@ CVE-2021-36082 (ntop nDPI 3.4 has a stack-based buffer overflow in processClient
NOTE: https://github.com/ntop/nDPI/commit/1ec621c85b9411cc611652fd57a892cfef478af3
CVE-2021-36081 (Tesseract OCR 5.0.0-alpha-20201231 has a one_ell_conflict use-after-fr ...)
- tesseract <unfixed> (bug #990529)
+ [bullseye] - tesseract <no-dsa> (Minor issue)
[buster] - tesseract <no-dsa> (Minor issue)
[stretch] - tesseract <no-dsa> (Minor issue)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29698
@@ -4166,14 +4177,17 @@ CVE-2021-35518
RESERVED
CVE-2021-35517 (When reading a specially crafted TAR archive, Compress can be made to ...)
- libcommons-compress-java <unfixed> (bug #991041)
+ [bullseye] - libcommons-compress-java <no-dsa> (Minor issue)
[buster] - libcommons-compress-java <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2021/07/13/3
CVE-2021-35516 (When reading a specially crafted 7Z archive, Compress can be made to a ...)
- libcommons-compress-java <unfixed> (bug #991041)
+ [bullseye] - libcommons-compress-java <no-dsa> (Minor issue)
[buster] - libcommons-compress-java <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2021/07/13/2
CVE-2021-35515 (When reading a specially crafted 7Z archive, the construction of the l ...)
- libcommons-compress-java <unfixed> (bug #991041)
+ [bullseye] - libcommons-compress-java <no-dsa> (Minor issue)
[buster] - libcommons-compress-java <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2021/07/13/1
CVE-2021-35514 (Narou (aka Narou.rb) before 3.8.0 allows Ruby Code Injection via the t ...)
@@ -5197,14 +5211,10 @@ CVE-2018-25016 (Greenbone Security Assistant (GSA) before 7.0.3 and Greenbone OS
NOT-FOR-US: Greenbone Security Assistant
CVE-2021-35054 (Minecraft before 1.17.1, when online-mode=false is configured, allows ...)
TODO: check
-CVE-2021-XXXX [memory leak when authenticated client connects with MQTT v5 sent a crafted CONNECT message to the broker]
- - mosquitto 2.0.11-1
- [buster] - mosquitto <not-affected> (Vulnerable code introduced later)
- [stretch] - mosquitto <not-affected> (Vulnerable code introduced later)
- NOTE: https://mosquitto.org/blog/2021/06/version-2-0-11-released/
CVE-2021-3611 [QEMU: intel-hda: segmentation fault due to stack overflow]
RESERVED
- qemu <unfixed> (bug #990562)
+ [bullseye] - qemu <no-dsa> (Minor issue)
[buster] - qemu <not-affected> (Vulnerable code introduced later)
[stretch] - qemu <not-affected> (Vulnerable code introduced later)
NOTE: https://bugs.launchpad.net/qemu/+bug/1907497
@@ -5695,6 +5705,7 @@ CVE-2021-34826
RESERVED
CVE-2021-34825 (Quassel through 0.13.1, when --require-ssl is enabled, launches withou ...)
- quassel <unfixed> (bug #990567)
+ [bullseye] - quassel <no-dsa> (Minor issue)
[buster] - quassel <no-dsa> (Minor issue)
[stretch] - quassel <no-dsa> (Minor issue)
NOTE: https://github.com/quassel/quassel/pull/581
@@ -6305,6 +6316,7 @@ CVE-2021-3596
RESERVED
CVE-2021-3595 (An invalid pointer initialization issue was found in the SLiRP network ...)
- libslirp <unfixed> (bug #989996)
+ [bullseye] - libslirp <no-dsa> (Minor issue)
- qemu 1:4.1-2
[buster] - qemu <no-dsa> (Minor issue)
[stretch] - qemu <no-dsa> (Minor issue)
@@ -6314,6 +6326,7 @@ CVE-2021-3595 (An invalid pointer initialization issue was found in the SLiRP ne
NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as fixed.
CVE-2021-3594 (An invalid pointer initialization issue was found in the SLiRP network ...)
- libslirp <unfixed> (bug #989995)
+ [bullseye] - libslirp <no-dsa> (Minor issue)
- qemu 1:4.1-2
[buster] - qemu <no-dsa> (Minor issue)
[stretch] - qemu <no-dsa> (Minor issue)
@@ -6322,6 +6335,7 @@ CVE-2021-3594 (An invalid pointer initialization issue was found in the SLiRP ne
NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as fixed.
CVE-2021-3593 (An invalid pointer initialization issue was found in the SLiRP network ...)
- libslirp <unfixed> (bug #989994)
+ [bullseye] - libslirp <no-dsa> (Minor issue)
- qemu 1:4.1-2
[buster] - qemu <no-dsa> (Minor issue)
[stretch] - qemu <no-dsa> (Minor issue)
@@ -6330,6 +6344,7 @@ CVE-2021-3593 (An invalid pointer initialization issue was found in the SLiRP ne
NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as fixed.
CVE-2021-3592 (An invalid pointer initialization issue was found in the SLiRP network ...)
- libslirp <unfixed> (bug #989993)
+ [bullseye] - libslirp <no-dsa> (Minor issue)
- qemu 1:4.1-2
[buster] - qemu <no-dsa> (Minor issue)
[stretch] - qemu <no-dsa> (Minor issue)
@@ -6629,7 +6644,10 @@ CVE-2021-34433
CVE-2021-34432
RESERVED
CVE-2021-34431 (In Eclipse Mosquitto version 1.6 to 2.0.10, if an authenticated client ...)
- - mosquitto <unfixed>
+ - mosquitto 2.0.11-1
+ [buster] - mosquitto <not-affected> (Vulnerable code introduced later)
+ [stretch] - mosquitto <not-affected> (Vulnerable code introduced later)
+ NOTE: https://mosquitto.org/blog/2021/06/version-2-0-11-released/
NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=573191
CVE-2021-34430 (Eclipse TinyDTLS through 0.9-rc1 relies on the rand function in the C ...)
NOT-FOR-US: Eclipse TinyDTLS
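Review bot: The `<not-affected>` lines moved under CVE-2021-34431 keep the reason "Vulnerable code introduced later", while the CVE description now attached to the entry gives the affected range as 1.6 to 2.0.10. If the lower bound of that range is where the code was introduced, naming it in the reason (in the form the libmatio entry uses, "introduced in 1.5.18") would let a reader verify the buster and stretch status from the entry alone.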
@@ -7989,10 +8007,13 @@ CVE-2021-33814
CVE-2021-33813 (An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to c ...)
{DLA-2712-1 DLA-2696-1}
- libjdom2-intellij-java <unfixed> (bug #990673)
+ [bullseye] - libjdom2-intellij-java <no-dsa> (Minor issue)
[buster] - libjdom2-intellij-java <no-dsa> (Minor issue)
- libjdom2-java <unfixed> (bug #990671)
+ [bullseye] - libjdom2-java <no-dsa> (Minor issue)
[buster] - libjdom2-java <no-dsa> (Minor issue)
- libjdom1-java <unfixed> (bug #990672)
+ [bullseye] - libjdom1-java <no-dsa> (Minor issue)
[buster] - libjdom1-java <no-dsa> (Minor issue)
NOTE: https://github.com/hunterhacker/jdom/pull/188
NOTE: https://alephsecurity.com/vulns/aleph-2021003
@@ -8031,6 +8052,7 @@ CVE-2021-3576
CVE-2021-3575 [heap-buffer-overflow in color.c may lead to DoS]
RESERVED
- openjpeg2 <unfixed> (bug #989775)
+ [bullseye] - openjpeg2 <no-dsa> (Minor issue)
[buster] - openjpeg2 <no-dsa> (Minor issue)
[stretch] - openjpeg2 <no-dsa> (Minor issue)
NOTE: https://github.com/uclouvain/openjpeg/issues/1347
@@ -12934,12 +12956,22 @@ CVE-2021-31813 (Zoho ManageEngine Applications Manager before 15130 is vulnerabl
NOT-FOR-US: Zoho
CVE-2021-31812 (In Apache PDFBox, a carefully crafted PDF file can trigger an infinite ...)
- libpdfbox2-java <unfixed>
- - libpdfbox-java <undetermined>
+ [bullseye] - libpdfbox2-java <no-dsa> (Minor issue)
+ [buster] - libpdfbox2-java <no-dsa> (Minor issue)
+ - libpdfbox-java <unfixed>
+ [bullseye] - libpdfbox-java <no-dsa> (Minor issue)
+ [buster] - libpdfbox-java <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2021/06/12/1
+ NOTE: https://github.com/apache/pdfbox/commit/cd17a19e9ab1028dc662e972dd8dbb3fa68b4a33
CVE-2021-31811 (In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMem ...)
- libpdfbox2-java <unfixed>
- - libpdfbox-java <undetermined>
+ [bullseye] - libpdfbox2-java <no-dsa> (Minor issue)
+ [buster] - libpdfbox2-java <no-dsa> (Minor issue)
+ - libpdfbox-java <unfixed>
+ [bullseye] - libpdfbox-java <no-dsa> (Minor issue)
+ [buster] - libpdfbox-java <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2021/06/12/2
+ NOTE: https://github.com/apache/pdfbox/commit/cd17a19e9ab1028dc662e972dd8dbb3fa68b4a33
CVE-2021-31810 (An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, an ...)
- ruby2.7 2.7.4-1 (bug #990815)
- ruby2.5 <removed>
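Review bot: `libpdfbox-java` moves from `<undetermined>` to `<unfixed>` under both CVE-2021-31812 and CVE-2021-31811 with no NOTE recording how the older package was confirmed affected. The only new reference is the same apache/pdfbox commit (cd17a19e9ab1028dc662e972dd8dbb3fa68b4a33) added to both entries, one an infinite loop and the other an OutOfMemory condition. If that single commit addresses both, say so in the NOTE, and add a line stating what was checked in libpdfbox-java to justify the status change.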
@@ -19801,6 +19833,7 @@ CVE-2021-29064
RESERVED
CVE-2021-29063 (A Regular Expression Denial of Service (ReDOS) vulnerability was disco ...)
- mpmath <unfixed> (bug #990576)
+ [bullseye] - mpmath <no-dsa> (Minor issue)
[buster] - mpmath <no-dsa> (Minor issue)
[stretch] - mpmath <no-dsa> (Minor issue)
NOTE: https://github.com/yetingli/PoCs/blob/main/CVE-2021-29063/Mpmath.md
@@ -36952,9 +36985,11 @@ CVE-2021-21780
RESERVED
CVE-2021-21779 (A use-after-free vulnerability exists in the way Webkit’s Graphi ...)
- webkit2gtk <unfixed>
+ [bullseye] - webkit2gtk <postponed> (Fix along with next update round)
[buster] - webkit2gtk <postponed> (Fix along with next update round)
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
- wpewebkit <unfixed>
+ [bullseye] - wpewebkit <postponed> (Minor issue, fix along with next update)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1238
CVE-2021-21778
RESERVED
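Review bot: The two `<postponed>` reasons added under CVE-2021-21779 differ: webkit2gtk gets "Fix along with next update round", matching the existing buster line, while wpewebkit gets "Minor issue, fix along with next update". The same pair recurs in the next hunk under CVE-2021-21775. One wording for both packages would keep the entries greppable and avoid implying that the severity assessment differs between the two.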
@@ -36964,9 +36999,11 @@ CVE-2021-21776 (An out-of-bounds write vulnerability exists in the SGI Format Bu
NOT-FOR-US: ImageGear
CVE-2021-21775 (A use-after-free vulnerability exists in the way certain events are pr ...)
- webkit2gtk <unfixed>
+ [bullseye] - webkit2gtk <postponed> (Fix along with next update round)
[buster] - webkit2gtk <postponed> (Fix along with next update round)
[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
- wpewebkit <unfixed>
+ [bullseye] - wpewebkit <postponed> (Minor issue, fix along with next update)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1229
CVE-2021-21774
RESERVED
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5df7f6a938a0a4dfe801d220e205f2d936bd0211