[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Nov 1 08:10:54 GMT 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3dca5ce3 by security tracker role at 2021-11-01T08:10:42+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,181 @@
+CVE-2021-43171
+	RESERVED
+CVE-2021-43170
+	RESERVED
+CVE-2021-43169
+	RESERVED
+CVE-2021-43168
+	RESERVED
+CVE-2021-43167
+	RESERVED
+CVE-2021-43166
+	RESERVED
+CVE-2021-43165
+	RESERVED
+CVE-2021-43164
+	RESERVED
+CVE-2021-43163
+	RESERVED
+CVE-2021-43162
+	RESERVED
+CVE-2021-43161
+	RESERVED
+CVE-2021-43160
+	RESERVED
+CVE-2021-43159
+	RESERVED
+CVE-2021-43158
+	RESERVED
+CVE-2021-43157
+	RESERVED
+CVE-2021-43156
+	RESERVED
+CVE-2021-43155
+	RESERVED
+CVE-2021-43154
+	RESERVED
+CVE-2021-43153
+	RESERVED
+CVE-2021-43152
+	RESERVED
+CVE-2021-43151
+	RESERVED
+CVE-2021-43150
+	RESERVED
+CVE-2021-43149
+	RESERVED
+CVE-2021-43148
+	RESERVED
+CVE-2021-43147
+	RESERVED
+CVE-2021-43146
+	RESERVED
+CVE-2021-43145
+	RESERVED
+CVE-2021-43144
+	RESERVED
+CVE-2021-43143
+	RESERVED
+CVE-2021-43142
+	RESERVED
+CVE-2021-43141
+	RESERVED
+CVE-2021-43140
+	RESERVED
+CVE-2021-43139
+	RESERVED
+CVE-2021-43138
+	RESERVED
+CVE-2021-43137
+	RESERVED
+CVE-2021-43136
+	RESERVED
+CVE-2021-43135
+	RESERVED
+CVE-2021-43134
+	RESERVED
+CVE-2021-43133
+	RESERVED
+CVE-2021-43132
+	RESERVED
+CVE-2021-43131
+	RESERVED
+CVE-2021-43130
+	RESERVED
+CVE-2021-43129
+	RESERVED
+CVE-2021-43128
+	RESERVED
+CVE-2021-43127
+	RESERVED
+CVE-2021-43126
+	RESERVED
+CVE-2021-43125
+	RESERVED
+CVE-2021-43124
+	RESERVED
+CVE-2021-43123
+	RESERVED
+CVE-2021-43122
+	RESERVED
+CVE-2021-43121
+	RESERVED
+CVE-2021-43120
+	RESERVED
+CVE-2021-43119
+	RESERVED
+CVE-2021-43118
+	RESERVED
+CVE-2021-43117
+	RESERVED
+CVE-2021-43116
+	RESERVED
+CVE-2021-43115
+	RESERVED
+CVE-2021-43114
+	RESERVED
+CVE-2021-43113
+	RESERVED
+CVE-2021-43112
+	RESERVED
+CVE-2021-43111
+	RESERVED
+CVE-2021-43110
+	RESERVED
+CVE-2021-43109
+	RESERVED
+CVE-2021-43108
+	RESERVED
+CVE-2021-43107
+	RESERVED
+CVE-2021-43106
+	RESERVED
+CVE-2021-43105
+	RESERVED
+CVE-2021-43104
+	RESERVED
+CVE-2021-43103
+	RESERVED
+CVE-2021-43102
+	RESERVED
+CVE-2021-43101
+	RESERVED
+CVE-2021-43100
+	RESERVED
+CVE-2021-43099
+	RESERVED
+CVE-2021-43098
+	RESERVED
+CVE-2021-43097
+	RESERVED
+CVE-2021-43096
+	RESERVED
+CVE-2021-43095
+	RESERVED
+CVE-2021-43094
+	RESERVED
+CVE-2021-43093
+	RESERVED
+CVE-2021-43092
+	RESERVED
+CVE-2021-43091
+	RESERVED
+CVE-2021-43090
+	RESERVED
+CVE-2021-43089
+	RESERVED
+CVE-2021-43088
+	RESERVED
+CVE-2021-43087
+	RESERVED
+CVE-2021-43086
+	RESERVED
+CVE-2021-43085
+	RESERVED
+CVE-2021-43084
+	RESERVED
+CVE-2021-3916
+	RESERVED
 CVE-2015-10001
 	RESERVED
 CVE-2021-43083
@@ -915,8 +1093,8 @@ CVE-2021-42696
 	RESERVED
 CVE-2021-42695
 	RESERVED
-CVE-2021-42694
-	RESERVED
+CVE-2021-42694 (An issue was discovered in the character definitions of the Unicode Sp ...)
+	TODO: check
 CVE-2021-42693
 	RESERVED
 CVE-2021-42692
@@ -1155,8 +1333,7 @@ CVE-2021-42576 (The bluemonday sanitizer before 1.0.16 for Go, and before 0.0.8
 	NOT-FOR-US: bluemonday sanitizer
 CVE-2021-42575 (The OWASP Java HTML Sanitizer before 20211018.1 does not properly enfo ...)
 	NOT-FOR-US: OWASP HTML Sanitizer
-CVE-2021-42574
-	RESERVED
+CVE-2021-42574 (An issue was discovered in the Bidirectional Algorithm in the Unicode  ...)
 	- rustc <unfixed>
 	[bullseye] - rustc <no-dsa> (Minor issue)
 	[buster] - rustc <no-dsa> (Minor issue)
@@ -5260,8 +5437,8 @@ CVE-2021-3813
 	RESERVED
 CVE-2021-41314 (Certain NETGEAR smart switches are affected by a \n injection in the w ...)
 	NOT-FOR-US: NETGEAR
-CVE-2021-41313
-	RESERVED
+CVE-2021-41313 (Affected versions of Atlassian Jira Server and Data Center allow authe ...)
+	TODO: check
 CVE-2021-41312
 	RESERVED
 CVE-2021-41311
@@ -7534,8 +7711,7 @@ CVE-2021-40350 (webctrl.cgi.elf on Christie Digital DWU850-GS V06.46 devices all
 	NOT-FOR-US: Christie Digital DWU850-GS V06.46 devices
 CVE-2021-40349 (e7d Speed Test (aka speedtest) 0.5.3 allows a path-traversal attack th ...)
 	NOT-FOR-US: e7d Speed Test
-CVE-2021-40348
-	RESERVED
+CVE-2021-40348 (Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code inj ...)
 	NOT-FOR-US: Uyuni / Spacewalk (Red Hat)
 CVE-2021-40347 (An issue was discovered in views/list.py in GNU Mailman Postorius befo ...)
 	{DSA-4970-1}
@@ -23204,18 +23380,18 @@ CVE-2021-33740 (Windows Media Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-33739 (Microsoft DWM Core Library Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2020-36381
-	RESERVED
-CVE-2020-36380
-	RESERVED
-CVE-2020-36379
-	RESERVED
-CVE-2020-36378
-	RESERVED
-CVE-2020-36377
-	RESERVED
-CVE-2020-36376
-	RESERVED
+CVE-2020-36381 (An issue was discovered in the singleCrunch function in shenzhim aaptj ...)
+	TODO: check
+CVE-2020-36380 (An issue was discovered in the crunch function in shenzhim aaptjs 1.3. ...)
+	TODO: check
+CVE-2020-36379 (An issue was discovered in the remove function in shenzhim aaptjs 1.3. ...)
+	TODO: check
+CVE-2020-36378 (An issue was discovered in the packageCmd function in shenzhim aaptjs  ...)
+	TODO: check
+CVE-2020-36377 (An issue was discovered in the dump function in shenzhim aaptjs 1.3.1, ...)
+	TODO: check
+CVE-2020-36376 (An issue was discovered in the list function in shenzhim aaptjs 1.3.1, ...)
+	TODO: check
 CVE-2020-36375 (Stack overflow vulnerability in parse_equality Cesanta MJS 1.20.1, all ...)
 	NOT-FOR-US: Cesanta MJS
 CVE-2020-36374 (Stack overflow vulnerability in parse_comparison Cesanta MJS 1.20.1, a ...)
@@ -56687,10 +56863,10 @@ CVE-2021-20841
 	RESERVED
 CVE-2021-20840
 	RESERVED
-CVE-2021-20839
-	RESERVED
-CVE-2021-20838
-	RESERVED
+CVE-2021-20839 (Office Server Document Converter V7.2MR4 and earlier and V7.1MR7 and e ...)
+	TODO: check
+CVE-2021-20838 (Office Server Document Converter V7.2MR4 and earlier and V7.1MR7 and e ...)
+	TODO: check
 CVE-2021-20837 (Movable Type 7 r.5002 and earlier (Movable Type 7 Series), Movable Typ ...)
 	- movabletype-opensource <removed>
 CVE-2021-20836 (Out-of-bounds read vulnerability in CX-Supervisor v4.0.0.13 and v4.0.0 ...)
@@ -72313,12 +72489,12 @@ CVE-2020-26709
 	RESERVED
 CVE-2020-26708
 	RESERVED
-CVE-2020-26707
-	RESERVED
+CVE-2020-26707 (An issue was discovered in the add function in Shenzhim AAPTJS 1.3.1 w ...)
+	TODO: check
 CVE-2020-26706
 	RESERVED
-CVE-2020-26705
-	RESERVED
+CVE-2020-26705 (The parseXML function in Easy-XML 0.5.0 was discovered to have a XML E ...)
+	TODO: check
 CVE-2020-26704
 	RESERVED
 CVE-2020-26703



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3dca5ce33aa0d5685f27bf895d9237af35db9f30

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3dca5ce33aa0d5685f27bf895d9237af35db9f30
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211101/37d1609d/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list