[Git][security-tracker-team/security-tracker][master] fill in ezxml issues
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Jun 14 14:25:04 BST 2021
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f1405992 by Moritz Muehlenhoff at 2021-06-14T15:24:34+02:00
fill in ezxml issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7142,7 +7142,18 @@ CVE-2021-31600
CVE-2021-31599
RESERVED
CVE-2021-31598 (An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ...)
- TODO: check
+ - mapcache <unfixed> (bug #989363)
+ [bullseye] - mapcache <no-dsa> (Minor issue)
+ [buster] - mapcache <no-dsa> (Minor issue)
+ - scilab <unfixed> (bug #989364)
+ [bullseye] - scilab <no-dsa> (Minor issue)
+ [buster] - scilab <no-dsa> (Minor issue)
+ - netcdf <unfixed> (bug #989360)
+ [bullseye] - netcdf <no-dsa> (Minor issue)
+ [buster] - netcdf <no-dsa> (Minor issue)
+ - netcdf-parallel <unfixed> (bug #989361)
+ [bullseye] - netcdf-parallel <no-dsa> (Minor issue)
+ [buster] - netcdf-parallel <no-dsa> (Minor issue)
CVE-2021-31597 (The xmlhttprequest-ssl package before 1.6.1 for Node.js disables SSL c ...)
- node-xmlhttprequest-ssl <unfixed>
[buster] - node-xmlhttprequest-ssl <ignored> (Minor issue, should possibly be removed from stable as well)
@@ -7751,9 +7762,31 @@ CVE-2021-31350
CVE-2021-31349
RESERVED
CVE-2021-31348 (An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ...)
- TODO: check
+ - mapcache <unfixed> (bug #989363)
+ [bullseye] - mapcache <no-dsa> (Minor issue)
+ [buster] - mapcache <no-dsa> (Minor issue)
+ - scilab <unfixed> (bug #989364)
+ [bullseye] - scilab <no-dsa> (Minor issue)
+ [buster] - scilab <no-dsa> (Minor issue)
+ - netcdf <unfixed> (bug #989360)
+ [bullseye] - netcdf <no-dsa> (Minor issue)
+ [buster] - netcdf <no-dsa> (Minor issue)
+ - netcdf-parallel <unfixed> (bug #989361)
+ [bullseye] - netcdf-parallel <no-dsa> (Minor issue)
+ [buster] - netcdf-parallel <no-dsa> (Minor issue)
CVE-2021-31347 (An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ...)
- TODO: check
+ - mapcache <unfixed> (bug #989363)
+ [bullseye] - mapcache <no-dsa> (Minor issue)
+ [buster] - mapcache <no-dsa> (Minor issue)
+ - scilab <unfixed> (bug #989364)
+ [bullseye] - scilab <no-dsa> (Minor issue)
+ [buster] - scilab <no-dsa> (Minor issue)
+ - netcdf <unfixed> (bug #989360)
+ [bullseye] - netcdf <no-dsa> (Minor issue)
+ [buster] - netcdf <no-dsa> (Minor issue)
+ - netcdf-parallel <unfixed> (bug #989361)
+ [bullseye] - netcdf-parallel <no-dsa> (Minor issue)
+ [buster] - netcdf-parallel <no-dsa> (Minor issue)
CVE-2021-31346
RESERVED
CVE-2021-31345
@@ -8017,7 +8050,18 @@ CVE-2021-31231 (The Alertmanager in Grafana Enterprise Metrics before 1.2.1 and
CVE-2021-31230
RESERVED
CVE-2021-31229 (An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ...)
- NOT-FOR-US: ezXML
+ - mapcache <unfixed> (bug #989363)
+ [bullseye] - mapcache <no-dsa> (Minor issue)
+ [buster] - mapcache <no-dsa> (Minor issue)
+ - scilab <unfixed> (bug #989364)
+ [bullseye] - scilab <no-dsa> (Minor issue)
+ [buster] - scilab <no-dsa> (Minor issue)
+ - netcdf <unfixed> (bug #989360)
+ [bullseye] - netcdf <no-dsa> (Minor issue)
+ [buster] - netcdf <no-dsa> (Minor issue)
+ - netcdf-parallel <unfixed> (bug #989361)
+ [bullseye] - netcdf-parallel <no-dsa> (Minor issue)
+ [buster] - netcdf-parallel <no-dsa> (Minor issue)
CVE-2021-31228
RESERVED
CVE-2021-31227
@@ -9745,7 +9789,18 @@ CVE-2021-30487 (In the topic moving API in Zulip Server 3.x before 3.4, organiza
CVE-2021-30486
RESERVED
CVE-2021-30485 (An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ...)
- NOT-FOR-US: ezXML
+ - mapcache <unfixed> (bug #989363)
+ [bullseye] - mapcache <no-dsa> (Minor issue)
+ [buster] - mapcache <no-dsa> (Minor issue)
+ - scilab <unfixed> (bug #989364)
+ [bullseye] - scilab <no-dsa> (Minor issue)
+ [buster] - scilab <no-dsa> (Minor issue)
+ - netcdf <unfixed> (bug #989360)
+ [bullseye] - netcdf <no-dsa> (Minor issue)
+ [buster] - netcdf <no-dsa> (Minor issue)
+ - netcdf-parallel <unfixed> (bug #989361)
+ [bullseye] - netcdf-parallel <no-dsa> (Minor issue)
+ [buster] - netcdf-parallel <no-dsa> (Minor issue)
CVE-2021-30484
RESERVED
CVE-2021-30483
@@ -20133,11 +20188,44 @@ CVE-2021-26224
CVE-2021-26223
RESERVED
CVE-2021-26222 (The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB ...)
- NOT-FOR-US: ezXML
+ - mapcache <unfixed> (bug #989363)
+ [bullseye] - mapcache <no-dsa> (Minor issue)
+ [buster] - mapcache <no-dsa> (Minor issue)
+ - scilab <unfixed> (bug #989364)
+ [bullseye] - scilab <no-dsa> (Minor issue)
+ [buster] - scilab <no-dsa> (Minor issue)
+ - netcdf <unfixed> (bug #989360)
+ [bullseye] - netcdf <no-dsa> (Minor issue)
+ [buster] - netcdf <no-dsa> (Minor issue)
+ - netcdf-parallel <unfixed> (bug #989361)
+ [bullseye] - netcdf-parallel <no-dsa> (Minor issue)
+ [buster] - netcdf-parallel <no-dsa> (Minor issue)
CVE-2021-26221 (The ezxml_new function in ezXML 0.8.6 and earlier is vulnerable to OOB ...)
- NOT-FOR-US: ezXML
+ - mapcache <unfixed> (bug #989363)
+ [bullseye] - mapcache <no-dsa> (Minor issue)
+ [buster] - mapcache <no-dsa> (Minor issue)
+ - scilab <unfixed> (bug #989364)
+ [bullseye] - scilab <no-dsa> (Minor issue)
+ [buster] - scilab <no-dsa> (Minor issue)
+ - netcdf <unfixed> (bug #989360)
+ [bullseye] - netcdf <no-dsa> (Minor issue)
+ [buster] - netcdf <no-dsa> (Minor issue)
+ - netcdf-parallel <unfixed> (bug #989361)
+ [bullseye] - netcdf-parallel <no-dsa> (Minor issue)
+ [buster] - netcdf-parallel <no-dsa> (Minor issue)
CVE-2021-26220 (The ezxml_toxml function in ezxml 0.8.6 and earlier is vulnerable to O ...)
- NOT-FOR-US: ezXML
+ - mapcache <unfixed> (bug #989363)
+ [bullseye] - mapcache <no-dsa> (Minor issue)
+ [buster] - mapcache <no-dsa> (Minor issue)
+ - scilab <unfixed> (bug #989364)
+ [bullseye] - scilab <no-dsa> (Minor issue)
+ [buster] - scilab <no-dsa> (Minor issue)
+ - netcdf <unfixed> (bug #989360)
+ [bullseye] - netcdf <no-dsa> (Minor issue)
+ [buster] - netcdf <no-dsa> (Minor issue)
+ - netcdf-parallel <unfixed> (bug #989361)
+ [bullseye] - netcdf-parallel <no-dsa> (Minor issue)
+ [buster] - netcdf-parallel <no-dsa> (Minor issue)
CVE-2021-26219
RESERVED
CVE-2021-26218
@@ -102604,15 +102692,70 @@ CVE-2019-20203 (The Authorized Addresses feature in the Postie plugin 1.9.40 for
CVE-2020-5179 (Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated admi ...)
NOT-FOR-US: Comtech Stampede FX-1010 7.4.3 devices
CVE-2019-20202 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...)
- NOT-FOR-US: ezXML
+ - mapcache <unfixed> (bug #989363)
+ [bullseye] - mapcache <no-dsa> (Minor issue)
+ [buster] - mapcache <no-dsa> (Minor issue)
+ - scilab <unfixed> (bug #989364)
+ [bullseye] - scilab <no-dsa> (Minor issue)
+ [buster] - scilab <no-dsa> (Minor issue)
+ - netcdf <unfixed> (bug #989360)
+ [bullseye] - netcdf <no-dsa> (Minor issue)
+ [buster] - netcdf <no-dsa> (Minor issue)
+ - netcdf-parallel <unfixed> (bug #989361)
+ [bullseye] - netcdf-parallel <no-dsa> (Minor issue)
+ [buster] - netcdf-parallel <no-dsa> (Minor issue)
CVE-2019-20201 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The ezxml_parse_ ...)
- NOT-FOR-US: ezXML
+ - mapcache <unfixed> (bug #989363)
+ [bullseye] - mapcache <no-dsa> (Minor issue)
+ [buster] - mapcache <no-dsa> (Minor issue)
+ - scilab <unfixed> (bug #989364)
+ [bullseye] - scilab <no-dsa> (Minor issue)
+ [buster] - scilab <no-dsa> (Minor issue)
+ - netcdf <unfixed> (bug #989360)
+ [bullseye] - netcdf <no-dsa> (Minor issue)
+ [buster] - netcdf <no-dsa> (Minor issue)
+ - netcdf-parallel <unfixed> (bug #989361)
+ [bullseye] - netcdf-parallel <no-dsa> (Minor issue)
+ [buster] - netcdf-parallel <no-dsa> (Minor issue)
CVE-2019-20200 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...)
- NOT-FOR-US: ezXML
+ - mapcache <unfixed> (bug #989363)
+ [bullseye] - mapcache <no-dsa> (Minor issue)
+ [buster] - mapcache <no-dsa> (Minor issue)
+ - scilab <unfixed> (bug #989364)
+ [bullseye] - scilab <no-dsa> (Minor issue)
+ [buster] - scilab <no-dsa> (Minor issue)
+ - netcdf <unfixed> (bug #989360)
+ [bullseye] - netcdf <no-dsa> (Minor issue)
+ [buster] - netcdf <no-dsa> (Minor issue)
+ - netcdf-parallel <unfixed> (bug #989361)
+ [bullseye] - netcdf-parallel <no-dsa> (Minor issue)
+ [buster] - netcdf-parallel <no-dsa> (Minor issue)
CVE-2019-20199 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...)
- NOT-FOR-US: ezXML
+ - mapcache <unfixed> (bug #989363)
+ [bullseye] - mapcache <no-dsa> (Minor issue)
+ [buster] - mapcache <no-dsa> (Minor issue)
+ - scilab <unfixed> (bug #989364)
+ [bullseye] - scilab <no-dsa> (Minor issue)
+ [buster] - scilab <no-dsa> (Minor issue)
+ - netcdf <unfixed> (bug #989360)
+ [bullseye] - netcdf <no-dsa> (Minor issue)
+ [buster] - netcdf <no-dsa> (Minor issue)
+ - netcdf-parallel <unfixed> (bug #989361)
+ [bullseye] - netcdf-parallel <no-dsa> (Minor issue)
+ [buster] - netcdf-parallel <no-dsa> (Minor issue)
CVE-2019-20198 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...)
- NOT-FOR-US: ezXML
+ - mapcache <unfixed> (bug #989363)
+ [bullseye] - mapcache <no-dsa> (Minor issue)
+ [buster] - mapcache <no-dsa> (Minor issue)
+ - scilab <unfixed> (bug #989364)
+ [bullseye] - scilab <no-dsa> (Minor issue)
+ [buster] - scilab <no-dsa> (Minor issue)
+ - netcdf <unfixed> (bug #989360)
+ [bullseye] - netcdf <no-dsa> (Minor issue)
+ [buster] - netcdf <no-dsa> (Minor issue)
+ - netcdf-parallel <unfixed> (bug #989361)
+ [bullseye] - netcdf-parallel <no-dsa> (Minor issue)
+ [buster] - netcdf-parallel <no-dsa> (Minor issue)
CVE-2020-5178
RESERVED
CVE-2020-5177
@@ -105677,11 +105820,44 @@ CVE-2019-20009 (An issue was discovered in GNU LibreDWG before 0.93. Crafted inp
CVE-2019-20008 (In Archery before 1.3, inserting an XSS payload into a project name (e ...)
NOT-FOR-US: Archery
CVE-2019-20007 (An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezx ...)
- NOT-FOR-US: ezXML
+ - mapcache <unfixed> (bug #989363)
+ [bullseye] - mapcache <no-dsa> (Minor issue)
+ [buster] - mapcache <no-dsa> (Minor issue)
+ - scilab <unfixed> (bug #989364)
+ [bullseye] - scilab <no-dsa> (Minor issue)
+ [buster] - scilab <no-dsa> (Minor issue)
+ - netcdf <unfixed> (bug #989360)
+ [bullseye] - netcdf <no-dsa> (Minor issue)
+ [buster] - netcdf <no-dsa> (Minor issue)
+ - netcdf-parallel <unfixed> (bug #989361)
+ [bullseye] - netcdf-parallel <no-dsa> (Minor issue)
+ [buster] - netcdf-parallel <no-dsa> (Minor issue)
CVE-2019-20006 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...)
- NOT-FOR-US: ezXML
+ - mapcache <unfixed> (bug #989363)
+ [bullseye] - mapcache <no-dsa> (Minor issue)
+ [buster] - mapcache <no-dsa> (Minor issue)
+ - scilab <unfixed> (bug #989364)
+ [bullseye] - scilab <no-dsa> (Minor issue)
+ [buster] - scilab <no-dsa> (Minor issue)
+ - netcdf <unfixed> (bug #989360)
+ [bullseye] - netcdf <no-dsa> (Minor issue)
+ [buster] - netcdf <no-dsa> (Minor issue)
+ - netcdf-parallel <unfixed> (bug #989361)
+ [bullseye] - netcdf-parallel <no-dsa> (Minor issue)
+ [buster] - netcdf-parallel <no-dsa> (Minor issue)
CVE-2019-20005 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...)
- NOT-FOR-US: ezXML
+ - mapcache <unfixed> (bug #989363)
+ [bullseye] - mapcache <no-dsa> (Minor issue)
+ [buster] - mapcache <no-dsa> (Minor issue)
+ - scilab <unfixed> (bug #989364)
+ [bullseye] - scilab <no-dsa> (Minor issue)
+ [buster] - scilab <no-dsa> (Minor issue)
+ - netcdf <unfixed> (bug #989360)
+ [bullseye] - netcdf <no-dsa> (Minor issue)
+ [buster] - netcdf <no-dsa> (Minor issue)
+ - netcdf-parallel <unfixed> (bug #989361)
+ [bullseye] - netcdf-parallel <no-dsa> (Minor issue)
+ [buster] - netcdf-parallel <no-dsa> (Minor issue)
CVE-2019-20004 (An issue was discovered on Intelbras IWR 3000N 1.8.7 devices. When the ...)
NOT-FOR-US: Intelbras
CVE-2019-20003 (Feldtech easescreen Crystal 9.0 Web-Services 9.0.1.16265 allows Stored ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f14059922cb0b04d23d6cf30a512151e646fd401
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f14059922cb0b04d23d6cf30a512151e646fd401
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210614/526e2784/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list