[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Sat Mar 20 08:10:43 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e0238962 by security tracker role at 2021-03-20T08:10:35+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1754,6 +1754,7 @@ CVE-2021-3430
RESERVED
CVE-2021-3429
RESERVED
+ {DLA-2601-1}
- cloud-init 20.4.1-2 (bug #985540)
[buster] - cloud-init <no-dsa> (Minor issue; can be fixed via point release)
NOTE: https://github.com/canonical/cloud-init/commit/b794d426b9ab43ea9d6371477466070d86e10668
@@ -18577,8 +18578,8 @@ CVE-2021-21269 (Keymaker is a Mastodon Community Finder based Matrix Community s
NOT-FOR-US: Keymaker
CVE-2021-21268
RESERVED
-CVE-2021-21267
- RESERVED
+CVE-2021-21267 (Schema-Inspector is an open-source tool to sanitize and validate JS ob ...)
+ TODO: check
CVE-2021-21266 (openHAB is a vendor and technology agnostic open source automation sof ...)
NOT-FOR-US: openHAB
CVE-2021-21265 (October is a free, open-source, self-hosted CMS platform based on the ...)
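Review bot: the new "TODO: check" under CVE-2021-21267 leaves the entry untriaged, while the neighbouring entries in this hunk each carry a decision ("NOT-FOR-US: Keymaker", "NOT-FOR-US: openHAB"). A follow-up should replace it with either a source-package line or a NOT-FOR-US line for Schema-Inspector, depending on whether the tool is packaged in Debian.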
@@ -114210,14 +114211,14 @@ CVE-2019-14833 (A flaw was found in Samba, all versions starting samba 4.5.0 bef
NOTE: https://www.samba.org/samba/security/CVE-2019-14833.html
CVE-2019-14832 (A flaw was found in the Keycloak REST API before version 8.0.0 where i ...)
NOT-FOR-US: Keycloak
-CVE-2019-14831
- RESERVED
-CVE-2019-14830
- RESERVED
-CVE-2019-14829
- RESERVED
-CVE-2019-14828
- RESERVED
+CVE-2019-14831 (A vulnerability was found in Moodle 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to ...)
+ TODO: check
+CVE-2019-14830 (A vulnerability was found in Moodle 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to ...)
+ TODO: check
+CVE-2019-14829 (A vulnerability was found in Moodle affection 3.7 to 3.7.1, 3.6 to 3.6 ...)
+ TODO: check
+CVE-2019-14828 (A vulnerability was found in Moodle affecting 3.7 to 3.7.1, 3.6 to 3.6 ...)
+ TODO: check
CVE-2019-14827
RESERVED
CVE-2019-14826 (A flaw was found in FreeIPA versions 4.5.0 and later. Session cookies ...)
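Review bot: the four entries CVE-2019-14828 through CVE-2019-14831 all land as "TODO: check", so none of them yet records a package status or a NOT-FOR-US decision. All four summaries name Moodle with the same leading version ranges (3.7 to 3.7.1, 3.6 to ...), so they can be triaged together in one follow-up. The "Moodle affection" wording on CVE-2019-14829 arrives with the summary text in this automatic update; a hand edit here would likely be overwritten by the next one, so any correction belongs in the source description.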
@@ -128611,8 +128612,7 @@ CVE-2019-10227 (openITCOCKPIT before 3.7.1 has reflected XSS in the 404-not-foun
NOT-FOR-US: openITCOCKPIT
CVE-2019-10226 (HTML Injection has been discovered in the v0.19.0 version of the Fat F ...)
NOT-FOR-US: Fat Free CRM
-CVE-2019-10225
- RESERVED
+CVE-2019-10225 (A flaw was found in atomic-openshift of openshift-4.2 where the basic- ...)
NOT-FOR-US: OpenShift
CVE-2019-10224 (A flaw has been found in 389-ds-base versions 1.4.x.x before 1.4.1.3. ...)
- 389-ds-base 1.4.1.5-1
@@ -128741,8 +128741,7 @@ CVE-2019-10202 (A series of deserialization vulnerabilities have been discovered
NOT-FOR-US: Codehaus
CVE-2019-10201 (It was found that Keycloak's SAML broker, versions up to 6.0.1, did no ...)
NOT-FOR-US: Keycloak
-CVE-2019-10200
- RESERVED
+CVE-2019-10200 (A flaw was discovered in OpenShift Container Platform 4 where, by defa ...)
NOT-FOR-US: OpenShift
CVE-2019-10199 (It was found that Keycloak's account console, up to 6.0.1, did not per ...)
NOT-FOR-US: Keycloak
@@ -128754,8 +128753,7 @@ CVE-2019-10197 (A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.1
[stretch] - samba <not-affected> (Issue introduced in 4.9.0 upstream)
[jessie] - samba <not-affected> (Issue introduced in 4.9.0 upstream)
NOTE: https://www.samba.org/samba/security/CVE-2019-10197.html
-CVE-2019-10196
- RESERVED
+CVE-2019-10196 (A flaw was found in http-proxy-agent, prior to version 2.1.0. It was d ...)
NOT-FOR-US: nodejs-http-proxy-agent
CVE-2019-10195 (A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x ve ...)
- freeipa 4.8.3-1
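Review bot: on CVE-2019-10196 the line "NOT-FOR-US: nodejs-http-proxy-agent" was set while the entry was still RESERVED and is carried over unchanged as context. Now that the summary names http-proxy-agent prior to version 2.1.0, it is worth re-checking that the NOT-FOR-US decision still holds for that component and updating the entry if it does not.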
@@ -128961,7 +128959,7 @@ CVE-2019-10153 (A flaw was discovered in fence-agents, prior to version 4.3.4, w
CVE-2019-10152 (A path traversal vulnerability has been discovered in podman before ve ...)
- libpod <not-affected> (Fixed before initial upload)
CVE-2019-10151
- RESERVED
+ REJECTED
CVE-2019-10150 (It was found that OpenShift Container Platform versions 3.6.x - 4.6.0 ...)
NOT-FOR-US: OpenShift
CVE-2019-10149 (A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper v ...)
@@ -129047,8 +129045,7 @@ CVE-2019-10130 (A vulnerability was found in PostgreSQL versions 11.x up to excl
CVE-2019-10129 (A vulnerability was found in postgresql versions 11.x prior to 11.3. U ...)
- postgresql-11 11.3-1
NOTE: https://www.postgresql.org/about/news/1939/
-CVE-2019-10128
- RESERVED
+CVE-2019-10128 (A vulnerability was found in postgresql versions 11.x prior to 11.3. T ...)
- postgresql-11 <not-affected> (Windows-specific)
NOTE: https://www.postgresql.org/about/news/1939/
CVE-2019-10127 (A vulnerability was found in postgresql versions 11.x prior to 11.3. T ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e02389622fac8e8386a0d3ec9388f5c7b0925e5a