[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Mon Mar 15 08:10:24 GMT 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
56e62a70 by security tracker role at 2021-03-15T08:10:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2021-28382
+	RESERVED
+CVE-2021-28381
+	RESERVED
+CVE-2021-28380
+	RESERVED
+CVE-2021-28379 (web/upload/UploadHandler.php in Vesta Control Panel (aka VestaCP) thro ...)
+	TODO: check
+CVE-2021-28378 (Gitea 1.12.x and 1.13.x before 1.13.4 allows XSS via certain issue dat ...)
+	TODO: check
+CVE-2021-28377
+	RESERVED
+CVE-2021-28376
+	RESERVED
 CVE-2021-28373 (The auth_internal plugin in Tiny Tiny RSS (aka tt-rss) before 2021-03- ...)
 	- tt-rss <not-affected> (Vulnerable code introduced later)
 	NOTE: https://community.tt-rss.org/t/check-password-not-called-if-otp-is-enabled-update-asap-if-youre-using-2fa/4502
@@ -601,7 +615,7 @@ CVE-2021-28110
 	RESERVED
 CVE-2021-28109
 	RESERVED
-CVE-2021-28374 [world-readable user data information]
+CVE-2021-28374 (The Debian courier-authlib package before 0.71.1-2 for Courier Authent ...)
 	- courier-authlib 0.71.1-2 (bug #984810)
 	NOTE: Re-introduction of #378571 while migrating from debian/permissions to
 	NOTE: debian/courier-authdaemon.tmpfiles in 0.66.4-2.
@@ -150427,7 +150441,7 @@ CVE-2019-2310 (Out of bound read would occur while trying to read action categor
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2019-2309 (While storing calibrated data from firmware in cache, An integer overf ...)
 	NOT-FOR-US: Snapdragon
-CVE-2021-28375
+CVE-2021-28375 (An issue was discovered in the Linux kernel through 5.11.6. fastrpc_in ...)
 	- linux <unfixed>
 	[buster] - linux <not-affected> (Vulnerable code introduced later)
 	[stretch] - linux <not-affected> (Vulnerable code introduced later)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/56e62a70695d59f5f5902b9125ec991626099f67

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/56e62a70695d59f5f5902b9125ec991626099f67
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210315/7570e44a/attachment.htm>

More information about the debian-security-tracker-commits mailing list