[Git][security-tracker-team/security-tracker][master] more dovecot references
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Jun 28 11:58:15 BST 2021
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
889678c2 by Moritz Muehlenhoff at 2021-06-28T12:57:46+02:00
more dovecot references
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4478,6 +4478,7 @@ CVE-2021-33515 [SMTP Submission service STARTTLS injection]
- dovecot <unfixed>
[stretch] - dovecot <not-affected> (Vulnerable code (smtp_server_command queue) introduced later)
NOTE: https://dovecot.org/pipermail/dovecot-news/2021-June/000462.html
+ NOTE: https://www.openwall.com/lists/oss-security/2021/06/28/2
CVE-2021-33514 (Certain NETGEAR devices are affected by command injection by an unauth ...)
NOT-FOR-US: Netgear
CVE-2021-33513 (Plone through 5.2.4 allows XSS via the inline_diff methods in Products ...)
@@ -15050,6 +15051,7 @@ CVE-2021-29157 [oauth2 JWT local validation path traversal]
[buster] - dovecot <not-affected> (Vulnerable code introduced later)
[stretch] - dovecot <not-affected> (Vulnerable code introduced later)
NOTE: https://dovecot.org/pipermail/dovecot-news/2021-June/000461.html
+ NOTE: https://www.openwall.com/lists/oss-security/2021/06/28/1
CVE-2021-29156 (ForgeRock OpenAM before 13.5.1 allows LDAP injection via the Webfinger ...)
NOT-FOR-US: ForgeRock OpenAM
CVE-2021-29155 (An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf ...)
@@ -47257,6 +47259,7 @@ CVE-2020-28200 [Sieve excessive resource usage]
- dovecot <unfixed>
[stretch] - dovecot <no-dsa> (Minor issue)
NOTE: https://dovecot.org/pipermail/dovecot-news/2021-June/000460.html
+ NOTE: https://www.openwall.com/lists/oss-security/2021/06/28/3
CVE-2020-28199 (best it Amazon Pay Plugin before 9.4.2 for Shopware exposes Sensitive ...)
NOT-FOR-US: Amazon Pay Plugin for Shopware
CVE-2020-28198 (** UNSUPPORTED WHEN ASSIGNED ** The 'id' parameter of IBM Tivoli Stora ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/889678c2f4131cd5727bfcb1c18b2d96fba4bdf3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/889678c2f4131cd5727bfcb1c18b2d96fba4bdf3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210628/dc050d9a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list