[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Nov 7 08:10:20 GMT 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a032dc0d by security tracker role at 2021-11-07T08:10:10+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7469,6 +7469,7 @@ CVE-2021-41105 (FreeSWITCH is a Software Defined Telecom Stack enabling the digi
 CVE-2021-41104 (ESPHome is a system to control the ESP8266/ESP32. Anyone with web_serv ...)
 	NOT-FOR-US: ESPHome
 CVE-2021-41103 (containerd is an open source container runtime with an emphasis on sim ...)
+	{DSA-5002-1}
 	- containerd 1.5.7~ds1-1
 	NOTE: https://github.com/containerd/containerd/security/advisories/GHSA-c2h3-6mxw-7mvq
 	NOTE: https://github.com/containerd/containerd/commit/403846c9540f5bfdaf1fe5349cce5fd3bc60f507 (v1.4.11)
@@ -177447,7 +177448,7 @@ CVE-2019-7549 (An issue was discovered in GitLab Community and Enterprise Editio
 	- gitlab 11.5.10+dfsg-1 (bug #921059)
 	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
 CVE-2019-7548 (SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be ...)
-	{DLA-1718-1}
+	{DLA-2811-1 DLA-1718-1}
 	[experimental] - sqlalchemy 1.3.0~b3+ds1-1
 	- sqlalchemy 1.2.18+ds1-2 (bug #922669)
 	NOTE: https://github.com/sqlalchemy/sqlalchemy/issues/4481
@@ -178585,7 +178586,7 @@ CVE-2019-7165 (A buffer overflow in DOSBox 0.74-2 allows attackers to execute ar
 	NOTE: Upstream clarification https://sourceforge.net/p/dosbox/bugs/508/
 	NOTE: Fixed by https://sourceforge.net/p/dosbox/code-0/3925/
 CVE-2019-7164 (SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injecti ...)
-	{DLA-1718-1}
+	{DLA-2811-1 DLA-1718-1}
 	[experimental] - sqlalchemy 1.3.0~b3+ds1-1
 	- sqlalchemy 1.2.18+ds1-2 (bug #922669)
 	NOTE: https://github.com/sqlalchemy/sqlalchemy/issues/4481



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a032dc0d8ab0bf8f8d8c1e85fe49d9f512316afa

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a032dc0d8ab0bf8f8d8c1e85fe49d9f512316afa
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211107/f762555a/attachment.htm>

More information about the debian-security-tracker-commits mailing list