[Git][security-tracker-team/security-tracker][master] bullseye triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri May 28 09:53:12 BST 2021
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a01f623d by Moritz Muehlenhoff at 2021-05-28T10:50:23+02:00
bullseye triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11749,6 +11749,7 @@ CVE-2021-3446 (A flaw was found in libtpms in versions before 0.8.2. The commonl
CVE-2021-28650 (autoar-extractor.c in GNOME gnome-autoar before 0.3.1, as used by GNOM ...)
[experimental] - gnome-autoar 0.3.1-1
- gnome-autoar <unfixed> (bug #985391)
+ [bullseye] - gnome-autoar <no-dsa> (Minor issue)
[buster] - gnome-autoar <not-affected> (Incomplete fix for CVE-2020-36241 not applied)
[stretch] - gnome-autoar <not-affected> (Incomplete fix for CVE-2020-36241 not applied)
NOTE: https://gitlab.gnome.org/GNOME/gnome-autoar/-/issues/12
@@ -66459,6 +66460,7 @@ CVE-2020-17496 (vBulletin 5.5.4 through 5.6.2 allows remote command execution vi
NOT-FOR-US: vBulletin
CVE-2020-17495 (django-celery-results through 1.2.1 stores task results in the databas ...)
- python-django-celery-results <unfixed> (bug #968305)
+ [bullseye] - python-django-celery-results <no-dsa> (Minor issue)
[buster] - python-django-celery-results <no-dsa> (Minor issue)
NOTE: https://github.com/celery/django-celery-results/issues/142
CVE-2020-17494 (Untangle Firewall NG before 16.0 uses MD5 for passwords. ...)
@@ -93233,6 +93235,7 @@ CVE-2020-7712 (This affects the package json before 10.0.0. It is possible to in
NOT-FOR-US: Node json
CVE-2020-7711 (This affects all versions of package github.com/russellhaering/goxmlds ...)
- golang-github-russellhaering-goxmldsig <unfixed> (bug #968928)
+ [bullseye] - golang-github-russellhaering-goxmldsig <no-dsa> (Minor issue)
[buster] - golang-github-russellhaering-goxmldsig <no-dsa> (Minor issue)
NOTE: https://github.com/russellhaering/goxmldsig/issues/48
CVE-2020-7710 (This affects all versions of package safe-eval. It is possible for an ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a01f623def180ba775fbd219eff4a14b71eec2b7
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a01f623def180ba775fbd219eff4a14b71eec2b7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210528/9d361aad/attachment.htm>
More information about the debian-security-tracker-commits
mailing list