[Git][security-tracker-team/security-tracker][master] 3 commits: Triage CVE-2021-33833 in connman for stretch LTS.
Chris Lamb (@lamby)
lamby at debian.org
Sun Jun 13 09:15:52 BST 2021
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
34122203 by Chris Lamb at 2021-06-13T09:14:46+01:00
Triage CVE-2021-33833 in connman for stretch LTS.
- - - - -
0f53edc5 by Chris Lamb at 2021-06-13T09:14:48+01:00
Triage CVE-2019-20790 in opendmarc for stretch LTS.
- - - - -
6cdfc4f0 by Chris Lamb at 2021-06-13T09:14:49+01:00
Triage CVE-2021-28965 in ruby2.3 for stretch LTS.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1817,6 +1817,7 @@ CVE-2021-33834
CVE-2021-33833 (ConnMan (aka Connection Manager) 1.30 through 1.39 has a stack-based b ...)
- connman 1.36-2.2 (bug #989662)
[buster] - connman <no-dsa> (Minor issue)
+ [stretch] - connman <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2021/06/09/1
NOTE: https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=eceb2e8d2341c041df55a5e2f047d9a8c491463c
CVE-2021-33832
@@ -13475,6 +13476,7 @@ CVE-2021-28965 (The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.
- ruby2.5 <removed>
[buster] - ruby2.5 <postponed> (Minor issue, can be fixed along with next update)
- ruby2.3 <removed>
+ [stretch] - ruby2.3 <postponed> (Minor issue; can be fixed in next update)
[experimental] - ruby-rexml 3.2.5-1
- ruby-rexml <unfixed> (bug #986806)
NOTE: https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/
@@ -82828,6 +82830,7 @@ CVE-2020-12267 (setMarkdown in Qt before 5.14.2 has a use-after-free related to
CVE-2019-20790 (OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, ...)
- opendmarc 1.4.0~beta1+dfsg-4 (bug #977766)
[buster] - opendmarc <no-dsa> (Minor issue)
+ [stretch] - opendmarc <no-dsa> (Minor issue)
NOTE: https://bugs.launchpad.net/pypolicyd-spf/+bug/1838816
NOTE: https://sourceforge.net/p/opendmarc/tickets/235/
NOTE: https://www.usenix.org/system/files/sec20fall_chen-jianjun_prepub_0.pdf
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6fbc62f048793948e4b4fe3541a87d08442368cf...6cdfc4f0b1901dd03480fb0e740f48403f525dbc
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6fbc62f048793948e4b4fe3541a87d08442368cf...6cdfc4f0b1901dd03480fb0e740f48403f525dbc
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210613/60ac5776/attachment.htm>
More information about the debian-security-tracker-commits
mailing list