[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Jun 2 09:10:25 BST 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5062e991 by security tracker role at 2021-06-02T08:10:16+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -414,6 +414,7 @@ CVE-2021-33616
 CVE-2021-33615
 	RESERVED
 CVE-2021-33620 (Squid before 4.15 and 5.x before 5.0.6 allows remote servers to cause  ...)
+	{DSA-4924-1}
 	- squid 4.13-10
 	- squid3 <removed>
 	NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-572g-rvwr-6c7f
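
Review bot: on CVE-2021-33620 the entry gains `{DSA-4924-1}` but still lists only `- squid 4.13-10` and `- squid3 <removed>`, with no per-release line. Worth confirming that the fixed version shipped by the DSA is recorded for the stable suite, so that 4.13-10 is not read as the version stable users need.
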
@@ -2505,16 +2506,16 @@ CVE-2021-32659
 	RESERVED
 CVE-2021-32658
 	RESERVED
-CVE-2021-32657
-	RESERVED
-CVE-2021-32656
-	RESERVED
-CVE-2021-32655
-	RESERVED
-CVE-2021-32654
-	RESERVED
-CVE-2021-32653
-	RESERVED
+CVE-2021-32657 (Nextcloud Server is a Nextcloud package that handles data storage. In  ...)
+	TODO: check
+CVE-2021-32656 (Nextcloud Server is a Nextcloud package that handles data storage. A v ...)
+	TODO: check
+CVE-2021-32655 (Nextcloud Server is a Nextcloud package that handles data storage. In  ...)
+	TODO: check
+CVE-2021-32654 (Nextcloud Server is a Nextcloud package that handles data storage. In  ...)
+	TODO: check
+CVE-2021-32653 (Nextcloud Server is a Nextcloud package that handles data storage. Nex ...)
+	TODO: check
 CVE-2021-32652 (Nextcloud Mail is a mail app for the Nextcloud platform. A missing per ...)
 	TODO: check
 CVE-2021-32651 (OneDev is a development operations platform. If the LDAP external auth ...)
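
Review bot: the five Nextcloud Server entries (CVE-2021-32653 through CVE-2021-32657) all land as `TODO: check` with descriptions truncated to the same product boilerplate, so nothing in these lines says which issue is which. They should be triaged from the full descriptions, ideally in one pass together with the adjacent Nextcloud Mail entry CVE-2021-32652, which is also still `TODO: check`.
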
@@ -4979,8 +4980,8 @@ CVE-2021-31686
 	RESERVED
 CVE-2021-31685
 	RESERVED
-CVE-2021-31684
-	RESERVED
+CVE-2021-31684 (A vulnerability was discovered in the indexOf function of JSONParserBy ...)
+	TODO: check
 CVE-2021-31683
 	RESERVED
 CVE-2021-31682
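
Review bot: CVE-2021-31684 moves from RESERVED to `TODO: check`, but its description is cut off at "JSONParserBy ...", before the affected component is fully named. The follow-up triage should identify the project from the full CVE text and replace the TODO with either a source-package line or a NOT-FOR-US marker.
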
@@ -11162,12 +11163,12 @@ CVE-2021-3461
 	NOT-FOR-US: Keycloak
 CVE-2021-29092 (Unrestricted upload of file with dangerous type vulnerability in file  ...)
 	NOT-FOR-US: Synology
-CVE-2021-29091
-	RESERVED
-CVE-2021-29090
-	RESERVED
-CVE-2021-29089
-	RESERVED
+CVE-2021-29091 (Improper limitation of a pathname to a restricted directory ('Path Tra ...)
+	TODO: check
+CVE-2021-29090 (Improper neutralization of special elements used in an SQL command ('S ...)
+	TODO: check
+CVE-2021-29089 (Improper neutralization of special elements used in an SQL command ('S ...)
+	TODO: check
 CVE-2021-29088 (Improper limitation of a pathname to a restricted directory ('Path Tra ...)
 	NOT-FOR-US: Synology
 CVE-2021-29087
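
Review bot: CVE-2021-29089, CVE-2021-29090 and CVE-2021-29091 are added as `TODO: check` between CVE-2021-29092 and CVE-2021-29088, both marked `NOT-FOR-US: Synology`. The truncated descriptions (path traversal, SQL injection) do not name a product, so check the full text and, if these are the same vendor, mark them the same way as their neighbours rather than leaving them open.
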
@@ -18312,8 +18313,8 @@ CVE-2021-26113
 	RESERVED
 CVE-2021-26112
 	RESERVED
-CVE-2021-26111
-	RESERVED
+CVE-2021-26111 (A missing release of memory after effective lifetime vulnerability in  ...)
+	TODO: check
 CVE-2021-26110
 	RESERVED
 CVE-2021-26109
@@ -27465,8 +27466,8 @@ CVE-2021-22125
 	RESERVED
 CVE-2021-22124
 	RESERVED
-CVE-2021-22123
-	RESERVED
+CVE-2021-22123 (An OS command injection vulnerability in FortiWeb's management interfa ...)
+	TODO: check
 CVE-2021-22122 (An improper neutralization of input during web page generation in Fort ...)
 	NOT-FOR-US: FortiGuard
 CVE-2021-22121
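
Review bot: CVE-2021-22123 names FortiWeb's management interface and is left as `TODO: check`, while the next entry, CVE-2021-22122, is already `NOT-FOR-US: FortiGuard`. Suggest resolving the new entry with a NOT-FOR-US marker consistent with that neighbour once the full description confirms the product.
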
@@ -57744,22 +57745,22 @@ CVE-2020-22046
 	RESERVED
 CVE-2020-22045
 	RESERVED
-CVE-2020-22044
-	RESERVED
-CVE-2020-22043
-	RESERVED
-CVE-2020-22042
-	RESERVED
-CVE-2020-22041
-	RESERVED
-CVE-2020-22040
-	RESERVED
-CVE-2020-22039
-	RESERVED
-CVE-2020-22038
-	RESERVED
-CVE-2020-22037
-	RESERVED
+CVE-2020-22044 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ...)
+	TODO: check
+CVE-2020-22043 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ...)
+	TODO: check
+CVE-2020-22042 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ...)
+	TODO: check
+CVE-2020-22041 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ...)
+	TODO: check
+CVE-2020-22040 (A Denial of Service vulnerability exists in FFmpeg 4.2 idue to a memor ...)
+	TODO: check
+CVE-2020-22039 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ...)
+	TODO: check
+CVE-2020-22038 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ...)
+	TODO: check
+CVE-2020-22037 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory ...)
+	TODO: check
 CVE-2020-22036 (A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in fil ...)
 	TODO: check
 CVE-2020-22035 (A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in get ...)
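
Review bot: the eight FFmpeg 4.2 entries (CVE-2020-22037 through CVE-2020-22044) carry the same truncated "memory ..." description, so the affected file or function for each is not visible here and they cannot be told apart from this list. Triage should take the location from each full description and map it to fixed versions of the ffmpeg package instead of leaving `TODO: check`, along with CVE-2020-22035 and CVE-2020-22036 below. The "idue" in CVE-2020-22040 arrives with the imported description in this automatic update and is better corrected at the source of that text than by hand in the list.
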



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5062e991850d2519fd3f65e10fa096dd4b4a6090
