[Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Jun 10 19:07:46 BST 2021
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3794c8fa by Moritz Muehlenhoff at 2021-06-10T20:07:34+02:00
buster triage
NFUs
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -30174,16 +30174,22 @@ CVE-2021-21667
RESERVED
CVE-2021-21666
RESERVED
+ NOT-FOR-US: Jenkins plugin
CVE-2021-21665
RESERVED
+ NOT-FOR-US: Jenkins plugin
CVE-2021-21664
RESERVED
+ NOT-FOR-US: Jenkins plugin
CVE-2021-21663
RESERVED
+ NOT-FOR-US: Jenkins plugin
CVE-2021-21662
RESERVED
+ NOT-FOR-US: Jenkins plugin
CVE-2021-21661
RESERVED
+ NOT-FOR-US: Jenkins plugin
CVE-2021-21660 (Jenkins Markdown Formatter Plugin 0.1.0 and earlier does not sanitize ...)
NOT-FOR-US: Jenkins plugin
CVE-2021-21659 (Jenkins URLTrigger Plugin 0.48 and earlier does not configure its XML ...)
@@ -31953,6 +31959,7 @@ CVE-2021-21419 (Eventlet is a concurrent networking library for Python. A websoc
NOTE: Fixed by: https://github.com/eventlet/eventlet/commit/1412f5e4125b4313f815778a1acb4d3336efcd07
NOTE: Issue present as well in versions before introduction of per-message-defalte extension
NOTE: or compression extension support.
+ NOTE: Patch for 0.20 by SuSE: https://bugzilla.suse.com/attachment.cgi?id=849402&action=diff
CVE-2021-21418 (ps_emailsubscription is a newsletter subscription module for the Prest ...)
NOT-FOR-US: PrestaShop
CVE-2021-21417 (fluidsynth is a software synthesizer based on the SoundFont 2 specific ...)
=====================================
data/dsa-needed.txt
=====================================
@@ -33,5 +33,9 @@ jetty9
--
python-pysaml2 (jmm)
--
+runc
+--
salt
--
+xen (jmm)
+--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3794c8fab976c4e35aef5d23af8cd740af0b91fc
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3794c8fab976c4e35aef5d23af8cd740af0b91fc
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210610/851a73b3/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list