[Git][security-tracker-team/security-tracker][master] hyperkitty bug

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
96b5c4ec by Moritz Muehlenhoff at 2021-05-27T21:32:26+02:00
hyperkitty bug
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1200,7 +1200,7 @@ CVE-2021-33040
 CVE-2021-33039
 	RESERVED
 CVE-2021-33038 (An issue was discovered in management/commands/hyperkitty_import.py in ...)
-	- hyperkitty <unfixed>
+	- hyperkitty <unfixed> (bug #989183)
 	NOTE: https://gitlab.com/mailman/hyperkitty/-/commit/9025324597d60b2dff740e49b70b15589d6804fa
 	NOTE: https://gitlab.com/mailman/hyperkitty/-/issues/380
 CVE-2021-33037
@@ -25477,25 +25477,25 @@ CVE-2021-22743 (Improper Check for Unusual or Exceptional Conditions vulnerabili
 CVE-2021-22742 (Improper Check for Unusual or Exceptional Conditions vulnerability exi ...)
 	NOT-FOR-US: Tricon
 CVE-2021-22741 (Use of Password Hash with Insufficient Computational Effort vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: Schneider
 CVE-2021-22740 (Information Exposure vulnerability exists in homeLYnk (Wiser For KNX)  ...)
-	TODO: check
+	NOT-FOR-US: Schneider
 CVE-2021-22739 (Information Exposure vulnerability exists in homeLYnk (Wiser For KNX)  ...)
-	TODO: check
+	NOT-FOR-US: Schneider
 CVE-2021-22738 (Use of a Broken or Risky Cryptographic Algorithm vulnerability exists  ...)
-	TODO: check
+	NOT-FOR-US: Schneider
 CVE-2021-22737 (Insufficiently Protected Credentials vulnerability exists in homeLYnk  ...)
-	TODO: check
+	NOT-FOR-US: Schneider
 CVE-2021-22736 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
-	TODO: check
+	NOT-FOR-US: Schneider
 CVE-2021-22735 (Improper Verification of Cryptographic Signature vulnerability exists  ...)
-	TODO: check
+	NOT-FOR-US: Schneider
 CVE-2021-22734 (Improper Verification of Cryptographic Signature vulnerability exists  ...)
-	TODO: check
+	NOT-FOR-US: Schneider
 CVE-2021-22733 (Improper Privilege Management vulnerability exists in homeLYnk (Wiser  ...)
-	TODO: check
+	NOT-FOR-US: Schneider
 CVE-2021-22732 (Improper Privilege Management vulnerability exists in homeLYnk (Wiser  ...)
-	TODO: check
+	NOT-FOR-US: Schneider
 CVE-2021-22731 (Weak Password Recovery Mechanism for Forgotten Password vulnerability  ...)
 	NOT-FOR-US: Modicon
 CVE-2021-22730
@@ -25549,7 +25549,7 @@ CVE-2021-22707
 CVE-2021-22706
 	RESERVED
 CVE-2021-22705 (Improper Restriction of Operations within the Bounds of a Memory Buffe ...)
-	TODO: check
+	NOT-FOR-US: Schneider
 CVE-2021-22704
 	RESERVED
 CVE-2021-22703 (A CWE-319: Cleartext transmission of sensitive information vulnerabili ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/96b5c4eca7ac763f22f07c449adab81b19c00578

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/96b5c4eca7ac763f22f07c449adab81b19c00578
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210527/724d6a2f/attachment.htm>