[Git][security-tracker-team/security-tracker][master] automatic update

Sun May 16 21:10:37 BST 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
18042e37 by security tracker role at 2021-05-16T20:10:24+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9291,8 +9291,8 @@ CVE-2021-29049
 	RESERVED
 CVE-2021-29048
 	RESERVED
-CVE-2021-29047
-	RESERVED
+CVE-2021-29047 (The SimpleCaptcha implementation in Liferay Portal 7.3.4, 7.3.5 and Li ...)
+	TODO: check
 CVE-2021-29046
 	RESERVED
 CVE-2021-29045
@@ -9303,12 +9303,12 @@ CVE-2021-29043
 	RESERVED
 CVE-2021-29042
 	RESERVED
-CVE-2021-29041
-	RESERVED
-CVE-2021-29040
-	RESERVED
-CVE-2021-29039
-	RESERVED
+CVE-2021-29041 (Denial-of-service (DoS) vulnerability in the Multi-Factor Authenticati ...)
+	TODO: check
+CVE-2021-29040 (The JSON web services in Liferay Portal 7.3.4 and earlier, and Liferay ...)
+	TODO: check
+CVE-2021-29039 (Cross-site scripting (XSS) vulnerability in the Asset module's categor ...)
+	TODO: check
 CVE-2021-29038
 	RESERVED
 CVE-2021-29037
@@ -24284,8 +24284,8 @@ CVE-2021-22670 (An uninitialized pointer may be exploited in Fatek FvDesigner Ve
 	NOT-FOR-US: Fatek FvDesigner
 CVE-2021-22669 (Incorrect permissions are set to default on the ‘Project Managem ...)
 	NOT-FOR-US: WebAccess/SCADA
-CVE-2021-22668
-	RESERVED
+CVE-2021-22668 (Delta Industrial Automation CNCSoft ScreenEditor Versions 1.01.28 (wit ...)
+	TODO: check
 CVE-2021-22667 (BB-ESWGP506-2SFP-T versions 1.01.09 and prior is vulnerable due to the ...)
 	NOT-FOR-US: BB-ESWGP506-2SFP-T
 CVE-2021-22666 (Fatek FvDesigner Version 1.5.76 and prior is vulnerable to a stack-bas ...)
@@ -25220,7 +25220,7 @@ CVE-2021-22206 (An issue has been discovered in GitLab affecting all versions st
 CVE-2021-22205 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
 	- gitlab <unfixed>
 CVE-2021-22204 (Improper neutralization of user data in the DjVu file format in ExifTo ...)
-	{DSA-4910-1}
+	{DSA-4910-1 DLA-2663-1}
 	- libimage-exiftool-perl 12.16+dfsg-2 (bug #987505)
 	NOTE: https://bugs.launchpad.net/bugs/1925985
 	NOTE: https://github.com/exiftool/exiftool/commit/cf0f4e7dcd024ca99615bfd1102a841a25dde031#diff-fa0d652d10dbcd246e6b1df16c1e992931d3bb717a7e36157596b76bdadb3800



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/18042e371d496cdaa80f46c94ee1928cac0d82cc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/18042e371d496cdaa80f46c94ee1928cac0d82cc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210516/7ac10ab1/attachment.htm>
