[Git][security-tracker-team/security-tracker][master] buster triage

Tue Mar 9 19:02:36 GMT 2021


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9df1aa04 by Moritz Muehlenhoff at 2021-03-09T20:02:20+01:00
buster triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -1265,6 +1265,7 @@ CVE-2021-27510
 	RESERVED
 CVE-2020-36254 (scp.c in Dropbear before 2020.79 mishandles the filename of . or an em ...)
 	- dropbear 2020.79-1
+	[buster] - dropbear <no-dsa> (Minor issue)
 	NOTE: https://github.com/mkj/dropbear/commit/8f8a3dff705fad774a10864a2e3dbcfa9779ceff
 CVE-2020-36253
 	RESERVED
@@ -1941,7 +1942,7 @@ CVE-2021-3411
 	[stretch] - linux <not-affected> (Vulnerable code introduced later)
 CVE-2021-3410 (A flaw was found in libcaca v0.99.beta19. A buffer overflow issue in c ...)
 	{DLA-2584-1}
-	- libcaca <unfixed> (bug #983684)
+	- libcaca <unfixed> (bug #983686)
 	NOTE: https://github.com/cacalabs/libcaca/issues/52
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1928437
 	NOTE: https://github.com/cacalabs/libcaca/commit/46b4ea7cea72d6b3ffe65d33e604b1774dcc2bbd
@@ -2826,10 +2827,12 @@ CVE-2021-26827
 	RESERVED
 CVE-2021-26826 (A stack overflow issue exists in Godot Engine up to v3.2 and is caused ...)
 	- godot <unfixed> (bug #982593)
+	[buster] - godot <no-dsa> (Minor issue)
 	NOTE: https://github.com/godotengine/godot/pull/45701
 	NOTE: https://github.com/godotengine/godot/commit/403e4fd08b0b212e96f53d926e6273e0745eaa5a
 CVE-2021-26825 (An integer overflow issue exists in Godot Engine up to v3.2 that can b ...)
 	- godot <unfixed> (bug #982593)
+	[buster] - godot <no-dsa> (Minor issue)
 	NOTE: https://github.com/godotengine/godot/pull/45702
 	NOTE: https://github.com/godotengine/godot/commit/113b5ab1c45c01b8e6d54d13ac8876d091f883a8
 CVE-2021-26824
@@ -97129,8 +97132,6 @@ CVE-2019-18824 (Barco ClickShare Button R9861500D01 devices before 1.10.0.13 hav
 	NOT-FOR-US: Barco ClickShare Button R9861500D01 devices
 CVE-2019-18823 (HTCondor up to and including stable series 8.8.6 and development serie ...)
 	- condor <unfixed> (bug #963777)
-	NOTE: https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2020-0001.html
-	NOTE: https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2020-0002.html
 	NOTE: https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2020-0003.html
 	NOTE: https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2020-0004.html
 	NOTE: https://github.com/htcondor/htcondor/commit/95eaee86e7ad3852c17df46a1b8b193dabd1fd14


=====================================
data/dsa-needed.txt
=====================================
@@ -11,6 +11,8 @@ To pick an issue, simply add your uid behind it.
 
 If needed, specify the release by adding a slash after the name of the source package.
 
+--
+condor
 --
 chromium
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9df1aa042c18829a2ebfd10f53b83f4d869304f8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9df1aa042c18829a2ebfd10f53b83f4d869304f8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210309/9f34d669/attachment.htm>
