[Git][security-tracker-team/security-tracker][master] glib2.0, node-hosted-git-info spu

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0827d673 by Moritz Mühlenhoff at 2021-03-27T19:49:00+01:00
glib2.0, node-hosted-git-info spu

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -13622,6 +13622,7 @@ CVE-2021-23363
 	RESERVED
 CVE-2021-23362 (The package hosted-git-info before 3.0.8 are vulnerable to Regular Exp ...)
 	- node-hosted-git-info 3.0.8-1
+	[buster] - stretch <no-dsa> (Minor issue)
 	[stretch] - node-hosted-git-info <not-affected> (Vulnerable code introduced later)
 	NOTE: Fixed by: https://github.com/npm/hosted-git-info/commit/bede0dc38e1785e732bf0a48ba6f81a4a908eba3
 	NOTE: https://snyk.io/vuln/SNYK-JS-HOSTEDGITINFO-1088355


=====================================
data/next-point-update.txt
=====================================
@@ -32,3 +32,11 @@ CVE-2021-23336
 	[buster] - python-django 1:1.11.29-1~deb10u2
 CVE-2020-13124
 	[buster] - sabnzbdplus 2.3.6+dfsg-1+deb10u1
+CVE-2021-23362
+	[buster] - node-hosted-git-info 2.7.1-1+deb10u1
+CVE-2021-28153
+	[buster] - glib2.0 2.58.3-2+deb10u3
+CVE-2021-27219
+	[buster] - glib2.0 2.58.3-2+deb10u3
+CVE-2021-27218
+	[buster] - glib2.0 2.58.3-2+deb10u3



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0827d6733274f71c46a763cc9b44e19180db8285

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0827d6733274f71c46a763cc9b44e19180db8285
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210327/7ff353ee/attachment.htm>