[Git][security-tracker-team/security-tracker][master] bugs filed

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
45849b17 by Moritz Mühlenhoff at 2021-05-30T18:10:02+02:00
bugs filed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -656,7 +656,7 @@ CVE-2021-33504
 CVE-2021-33503
 	RESERVED
 CVE-2021-33502 (The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x befo ...)
-	- node-got <unfixed>
+	- node-got <unfixed> (bug #989258)
 	NOTE: https://github.com/sindresorhus/normalize-url/releases/tag/v6.0.1
 	NOTE: https://github.com/sindresorhus/normalize-url/commit/b1fdb5120b6d27a88400d8800e67ff5a22bd2103	
 	TODO: check, normalize-url seems embedded in node-yarnpkg, node-got, check its use
@@ -13197,7 +13197,7 @@ CVE-2021-28172 (There is a Path Traversal vulnerability in the file download fun
 CVE-2021-28171 (The Vangene deltaFlow E-platform does not take properly protective mea ...)
 	NOT-FOR-US: Vangene deltaFlow E-platform
 CVE-2021-28170 (In the Jakarta Expression Language implementation 3.0.3 and earlier, a ...)
-	- jakarta-el-api <unfixed>
+	- jakarta-el-api <unfixed> (bug #989259)
 	NOTE: https://github.com/eclipse-ee4j/el-ri/issues/155
 	NOTE: https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/
 CVE-2021-28169



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45849b17d6b8ee2feb95abbfcfada38426d3e8e7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45849b17d6b8ee2feb95abbfcfada38426d3e8e7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210530/63ec74dc/attachment.htm>