[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Nov 8 08:10:25 GMT 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
838274e0 by security tracker role at 2021-11-08T08:10:12+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,217 @@
+CVE-2021-43521
+	RESERVED
+CVE-2021-43520
+	RESERVED
+CVE-2021-43519
+	RESERVED
+CVE-2021-43518
+	RESERVED
+CVE-2021-43517
+	RESERVED
+CVE-2021-43516
+	RESERVED
+CVE-2021-43515
+	RESERVED
+CVE-2021-43514
+	RESERVED
+CVE-2021-43513
+	RESERVED
+CVE-2021-43512
+	RESERVED
+CVE-2021-43511
+	RESERVED
+CVE-2021-43510
+	RESERVED
+CVE-2021-43509
+	RESERVED
+CVE-2021-43508
+	RESERVED
+CVE-2021-43507
+	RESERVED
+CVE-2021-43506
+	RESERVED
+CVE-2021-43505
+	RESERVED
+CVE-2021-43504
+	RESERVED
+CVE-2021-43503
+	RESERVED
+CVE-2021-43502
+	RESERVED
+CVE-2021-43501
+	RESERVED
+CVE-2021-43500
+	RESERVED
+CVE-2021-43499
+	RESERVED
+CVE-2021-43498
+	RESERVED
+CVE-2021-43497
+	RESERVED
+CVE-2021-43496
+	RESERVED
+CVE-2021-43495
+	RESERVED
+CVE-2021-43494
+	RESERVED
+CVE-2021-43493
+	RESERVED
+CVE-2021-43492
+	RESERVED
+CVE-2021-43491
+	RESERVED
+CVE-2021-43490
+	RESERVED
+CVE-2021-43489
+	RESERVED
+CVE-2021-43488
+	RESERVED
+CVE-2021-43487
+	RESERVED
+CVE-2021-43486
+	RESERVED
+CVE-2021-43485
+	RESERVED
+CVE-2021-43484
+	RESERVED
+CVE-2021-43483
+	RESERVED
+CVE-2021-43482
+	RESERVED
+CVE-2021-43481
+	RESERVED
+CVE-2021-43480
+	RESERVED
+CVE-2021-43479
+	RESERVED
+CVE-2021-43478
+	RESERVED
+CVE-2021-43477
+	RESERVED
+CVE-2021-43476
+	RESERVED
+CVE-2021-43475
+	RESERVED
+CVE-2021-43474
+	RESERVED
+CVE-2021-43473
+	RESERVED
+CVE-2021-43472
+	RESERVED
+CVE-2021-43471
+	RESERVED
+CVE-2021-43470
+	RESERVED
+CVE-2021-43469
+	RESERVED
+CVE-2021-43468
+	RESERVED
+CVE-2021-43467
+	RESERVED
+CVE-2021-43466
+	RESERVED
+CVE-2021-43465
+	RESERVED
+CVE-2021-43464
+	RESERVED
+CVE-2021-43463
+	RESERVED
+CVE-2021-43462
+	RESERVED
+CVE-2021-43461
+	RESERVED
+CVE-2021-43460
+	RESERVED
+CVE-2021-43459
+	RESERVED
+CVE-2021-43458
+	RESERVED
+CVE-2021-43457
+	RESERVED
+CVE-2021-43456
+	RESERVED
+CVE-2021-43455
+	RESERVED
+CVE-2021-43454
+	RESERVED
+CVE-2021-43453
+	RESERVED
+CVE-2021-43452
+	RESERVED
+CVE-2021-43451
+	RESERVED
+CVE-2021-43450
+	RESERVED
+CVE-2021-43449
+	RESERVED
+CVE-2021-43448
+	RESERVED
+CVE-2021-43447
+	RESERVED
+CVE-2021-43446
+	RESERVED
+CVE-2021-43445
+	RESERVED
+CVE-2021-43444
+	RESERVED
+CVE-2021-43443
+	RESERVED
+CVE-2021-43442
+	RESERVED
+CVE-2021-43441
+	RESERVED
+CVE-2021-43440
+	RESERVED
+CVE-2021-43439
+	RESERVED
+CVE-2021-43438
+	RESERVED
+CVE-2021-43437
+	RESERVED
+CVE-2021-43436
+	RESERVED
+CVE-2021-43435
+	RESERVED
+CVE-2021-43434
+	RESERVED
+CVE-2021-43433
+	RESERVED
+CVE-2021-43432
+	RESERVED
+CVE-2021-43431
+	RESERVED
+CVE-2021-43430
+	RESERVED
+CVE-2021-43429
+	RESERVED
+CVE-2021-43428
+	RESERVED
+CVE-2021-43427
+	RESERVED
+CVE-2021-43426
+	RESERVED
+CVE-2021-43425
+	RESERVED
+CVE-2021-43424
+	RESERVED
+CVE-2021-43423
+	RESERVED
+CVE-2021-43422
+	RESERVED
+CVE-2021-43421
+	RESERVED
+CVE-2021-43420
+	RESERVED
+CVE-2021-43419
+	RESERVED
+CVE-2021-43418
+	RESERVED
+CVE-2021-43417
+	RESERVED
+CVE-2021-43416
+	RESERVED
+CVE-2021-43415
+	RESERVED
 CVE-2021-43414 (An issue was discovered in GNU Hurd before 0.9 20210404-9. The use of  ...)
 	- hurd 1:0.9.git20210404-9
 CVE-2021-43413 (An issue was discovered in GNU Hurd before 0.9 20210404-9. A single pa ...)
@@ -4327,12 +4541,12 @@ CVE-2021-42374
 	RESERVED
 CVE-2021-42373
 	RESERVED
-CVE-2021-42372
-	RESERVED
-CVE-2021-42371
-	RESERVED
-CVE-2021-42370
-	RESERVED
+CVE-2021-42372 (A shell command injection in the HW Events SNMP community in XoruX LPA ...)
+	TODO: check
+CVE-2021-42371 (lpar2rrd is a hardcoded system account in XoruX LPAR2RRD and STOR2RRD  ...)
+	TODO: check
+CVE-2021-42370 (A password mismanagement situation exists in XoruX LPAR2RRD and STOR2R ...)
+	TODO: check
 CVE-2021-42369 (Imagicle Application Suite (for Cisco UC) before 2021.Summer.2 allows  ...)
 	NOT-FOR-US: Imagicle Application Suite
 CVE-2021-42368
@@ -5232,20 +5446,20 @@ CVE-2021-42080
 	RESERVED
 CVE-2021-42079
 	RESERVED
-CVE-2021-42078
-	RESERVED
-CVE-2021-42077
-	RESERVED
-CVE-2021-42076
-	RESERVED
-CVE-2021-42075
-	RESERVED
-CVE-2021-42074
-	RESERVED
-CVE-2021-42073
-	RESERVED
-CVE-2021-42072
-	RESERVED
+CVE-2021-42078 (PHP Event Calendar through 2021-11-04 allows persistent cross-site scr ...)
+	TODO: check
+CVE-2021-42077 (PHP Event Calendar before 2021-09-03 allows SQL injection, as demonstr ...)
+	TODO: check
+CVE-2021-42076 (An issue was discovered in Barrier before 2.3.4. An attacker can cause ...)
+	TODO: check
+CVE-2021-42075 (An issue was discovered in Barrier before 2.3.4. The barriers componen ...)
+	TODO: check
+CVE-2021-42074 (An issue was discovered in Barrier before 2.3.4. An unauthenticated at ...)
+	TODO: check
+CVE-2021-42073 (An issue was discovered in Barrier before 2.4.0. An attacker can enter ...)
+	TODO: check
+CVE-2021-42072 (An issue was discovered in Barrier before 2.4.0. The barriers componen ...)
+	TODO: check
 CVE-2021-42071 (In Visual Tools DVR VX16 4.2.28.0, an unauthenticated attacker can ach ...)
 	NOT-FOR-US: Visual Tools DVR VX16
 CVE-2021-42070
@@ -5977,8 +6191,7 @@ CVE-2021-3839
 	RESERVED
 CVE-2017-20007 (Ingeteam INGEPAC DA AU AUC_1.13.0.28 (and before) web application allo ...)
 	NOT-FOR-US: Ingeteam INGEPAC DA AU
-CVE-2021-41772
-	RESERVED
+CVE-2021-41772 (Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reade ...)
 	- golang-1.17 1.17.3-1
 	- golang-1.16 <unfixed>
 	- golang-1.15 <unfixed>
@@ -5989,8 +6202,7 @@ CVE-2021-41772
 	NOTE: https://groups.google.com/g/golang-announce/c/0fM21h43arc
 	NOTE: https://github.com/golang/go/commit/b212ba68296b503b395e7d1838ca72a19030a6bf (go1.17.3)
 	NOTE: https://github.com/golang/go/commit/88407a8dd98411f1730907dc8a69b99488af0052 (go1.16.10)
-CVE-2021-41771
-	RESERVED
+CVE-2021-41771 (ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16 ...)
 	- golang-1.17 1.17.3-1
 	- golang-1.16 <unfixed>
 	- golang-1.15 <unfixed>
@@ -22829,10 +23041,10 @@ CVE-2021-3601
 	NOTE: https://github.com/openssl/openssl/issues/5236
 CVE-2021-34686
 	RESERVED
-CVE-2021-34685
-	RESERVED
-CVE-2021-34684
-	RESERVED
+CVE-2021-34685 (UploadService in Hitachi Vantara Pentaho Business Analytics through 9. ...)
+	TODO: check
+CVE-2021-34684 (Hitachi Vantara Pentaho Business Analytics through 9.1 allows an unaut ...)
+	TODO: check
 CVE-2021-34683 (An issue was discovered in EXCELLENT INFOTEK CORPORATION (EIC) E-docum ...)
 	NOT-FOR-US: EXCELLENT INFOTEK CORPORATION
 CVE-2021-34682 (Receita Federal IRPF 2021 1.7 allows a man-in-the-middle attack agains ...)
@@ -30611,14 +30823,14 @@ CVE-2021-31604 (furlongm openvpn-monitor through 1.1.3 allows CSRF to disconnect
 	NOT-FOR-US: openvpn-monitor
 CVE-2021-31603
 	RESERVED
-CVE-2021-31602
-	RESERVED
-CVE-2021-31601
-	RESERVED
-CVE-2021-31600
-	RESERVED
-CVE-2021-31599
-	RESERVED
+CVE-2021-31602 (An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pen ...)
+	TODO: check
+CVE-2021-31601 (An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pen ...)
+	TODO: check
+CVE-2021-31600 (An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pen ...)
+	TODO: check
+CVE-2021-31599 (An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pen ...)
+	TODO: check
 CVE-2021-31598 (An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezx ...)
 	{DLA-2705-1}
 	- mapcache <unfixed> (bug #989363)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/838274e0d266368bc0d517cc32e28bda4fe1808f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/838274e0d266368bc0d517cc32e28bda4fe1808f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211108/bb7ec3e6/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list