[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Jun 22 09:42:07 BST 2021 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f13a9e0c by Moritz Muehlenhoff at 2021-06-22T10:41:42+02:00
NFUs
new singulariy-container issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1772,13 +1772,13 @@ CVE-2021-34391
 CVE-2021-34390
 	RESERVED
 CVE-2021-34389 (Trusty contains a vulnerability in NVIDIA OTE protocol message parsing ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2021-34388 (Bootloader contains a vulnerability in NVIDIA MB2 where a potential he ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2021-34387 (The ARM TrustZone Technology on which Trusty is based on contains a vu ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2021-34386 (Trusty TLK contains a vulnerability in the NVIDIA TLK kernel where an  ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2021-34385
 	RESERVED
 CVE-2021-34384
@@ -3504,7 +3504,8 @@ CVE-2021-33624
 CVE-2021-33623 (The trim-newlines package before 3.0.1 and 4.x before 4.0.1 for Node.j ...)
 	NOT-FOR-US: Node.js trim-newlines package
 CVE-2021-33622 (Sylabs Singularity 3.5.x and 3.6.x, and SingularityPRO before 3.5-8, h ...)
-	TODO: check
+	- singularity-container <unfixed>
+	NOTE: https://support.sylabs.io/support/solutions/articles/42000087130-3-5-8-security-release-cve-2021-33622-
 CVE-2021-33621
 	RESERVED
 CVE-2021-33619
@@ -5594,11 +5595,11 @@ CVE-2021-32700
 CVE-2021-32699
 	RESERVED
 CVE-2021-32698 (eLabFTW is an open source electronic lab notebook for research labs. T ...)
-	TODO: check
+	NOT-FOR-US: eLabFTW
 CVE-2021-32697 (neos/forms is an open source framework to build web forms. By crafting ...)
 	NOT-FOR-US: neos/forms
 CVE-2021-32696 (The npm package "striptags" is an implementation of PHP's strip_tags i ...)
-	TODO: check
+	NOT-FOR-US: Node striptags
 CVE-2021-32695 (Nextcloud Android app is the Android client for Nextcloud. In versions ...)
 	NOT-FOR-US: Nextcloud Android app
 CVE-2021-32694 (Nextcloud Android app is the Android client for Nextcloud. In versions ...)
@@ -5613,7 +5614,7 @@ CVE-2021-32692
 CVE-2021-32691 (Apollos Apps is an open source platform for launching church-related a ...)
 	NOT-FOR-US: Apollo Apps
 CVE-2021-32690 (Helm is a tool for managing Charts (packages of pre-configured Kuberne ...)
-	TODO: check
+	- helm-kubernetes <itp> (bug #910799)
 CVE-2021-32689
 	RESERVED
 CVE-2021-32688



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f13a9e0c54aa0fbf11331df21e61112f12dfca03

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f13a9e0c54aa0fbf11331df21e61112f12dfca03
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210622/14467070/attachment.htm>

More information about the debian-security-tracker-commits mailing list