[Git][security-tracker-team/security-tracker][master] Add tracking of new grub2 issues

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
74bf42b3 by Salvatore Bonaccorso at 2021-03-02T19:01:58+01:00
Add tracking of new grub2 issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -18468,6 +18468,7 @@ CVE-2021-20234 [Memory leak in client induced by malicious server without CURVE/
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22123
 CVE-2021-20233
 	RESERVED
+	- grub2 <unfixed>
 CVE-2021-20232
 	RESERVED
 CVE-2021-20231
@@ -18505,6 +18506,7 @@ CVE-2021-20226 (A use-after-free flaw was found in the io_uring in Linux kernel,
 	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-21-001/
 CVE-2021-20225
 	RESERVED
+	- grub2 <unfixed>
 CVE-2021-20224
 	RESERVED
 CVE-2021-20223
@@ -29212,6 +29214,7 @@ CVE-2020-27780 (A flaw was found in Linux-Pam in versions prior to 1.5.1 in the
 	NOTE: Fixed by: https://github.com/linux-pam/linux-pam/commit/30fdfb90d9864bcc254a62760aaa149d373fd4eb
 CVE-2020-27779
 	RESERVED
+	- grub2 <unfixed>
 CVE-2020-27778 (A flaw was found in Poppler in the way certain PDF files were converte ...)
 	- poppler 0.85.0-2
 	[buster] - poppler <postponed> (Minor issue)
@@ -29412,6 +29415,7 @@ CVE-2020-27750 (A flaw was found in ImageMagick in MagickCore/colorspace-private
 	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/c7038e710ad0204d6cb37a0229fc55f6f8a8662f
 CVE-2020-27749
 	RESERVED
+	- grub2 <unfixed>
 CVE-2020-27748 [local file inclusion vulnerability]
 	RESERVED
 	- xdg-utils <unfixed> (bug #975370)
@@ -34786,6 +34790,7 @@ CVE-2020-25648 (A flaw was found in the way NSS handled CCS (ChangeCipherSpec) m
 	NOTE: Fixed by: https://hg.mozilla.org/projects/nss/rev/57bbefa793232586d27cee83e74411171e128361
 CVE-2020-25647
 	RESERVED
+	- grub2 <unfixed>
 CVE-2020-25646 (A flaw was found in Ansible Collection community.crypto. openssl_priva ...)
 	TODO: check
 CVE-2020-25645 (A flaw was found in the Linux kernel in versions before 5.9-rc7. Traff ...)
@@ -34843,6 +34848,7 @@ CVE-2020-25633 (A flaw was found in RESTEasy client in all versions of RESTEasy
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1879042
 CVE-2020-25632
 	RESERVED
+	- grub2 <unfixed>
 CVE-2020-25631 (A vulnerability was found in Moodle 3.9 to 3.9.1, 3.8 to 3.8.4 and 3.7 ...)
 	- moodle <removed>
 CVE-2020-25630 (A vulnerability was found in Moodle where the decompressed size of zip ...)
@@ -59404,6 +59410,7 @@ CVE-2020-14373 (A use after free was found in igc_reloc_struct_ptr() of psi/igc.
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=702851
 CVE-2020-14372
 	RESERVED
+	- grub2 <unfixed>
 CVE-2020-14371
 	RESERVED
 	NOT-FOR-US: Red Hat Satellite



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74bf42b36367a11559c6f23988537d479d3c32a2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/74bf42b36367a11559c6f23988537d479d3c32a2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210302/8da935e2/attachment.htm>