[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Oct 6 21:01:52 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2eaa7c45 by Salvatore Bonaccorso at 2021-10-06T22:01:23+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13998,7 +13998,7 @@ CVE-2021-36053 (XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an
CVE-2021-36052 (XMP Toolkit version 2020.1 (and earlier) is affected by a memory corru ...)
NOT-FOR-US: Adobe
CVE-2021-36051 (XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer o ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-36050 (XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer o ...)
NOT-FOR-US: Adobe
CVE-2021-36049 (Adobe Bridge version 11.1 (and earlier) is affected by a memory corrup ...)
@@ -14273,7 +14273,7 @@ CVE-2021-35936 (If remote logging is not used, the worker (in the case of Celery
CVE-2021-3626 (The Windows version of Multipass before 1.7.0 allowed any local proces ...)
NOT-FOR-US: Multipass
CVE-2021-3625 (Buffer overflow in Zephyr USB DFU DNLOAD. Zephyr versions >= v2.5.0 ...)
- TODO: check
+ NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2021-35935
RESERVED
CVE-2021-35934
@@ -18959,7 +18959,7 @@ CVE-2021-33850
CVE-2021-33849 (A Cross-Site Scripting (XSS) attack can cause arbitrary code (JavaScri ...)
TODO: check
CVE-2021-3581 (Buffer Access with Incorrect Length Value in zephyr. Zephyr versions & ...)
- TODO: check
+ NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2021-3580 (A flaw was found in the way nettle's RSA decryption functions handled ...)
{DSA-4933-1 DLA-2760-1}
- nettle 3.7.3-1 (bug #989631)
@@ -25023,7 +25023,7 @@ CVE-2021-31524
CVE-2021-31522
RESERVED
CVE-2021-3510 (Zephyr JSON decoder incorrectly decodes array of array. Zephyr version ...)
- TODO: check
+ NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2021-3509 (A flaw was found in Red Hat Ceph Storage 4, in the Dashboard component ...)
- ceph 14.2.21-1 (bug #988888)
[buster] - ceph <not-affected> (Vulnerable code introduced later)
@@ -33369,7 +33369,7 @@ CVE-2021-3438 (A potential buffer overflow in the software drivers for certain H
CVE-2021-3437
RESERVED
CVE-2021-3436 (BT: Possible to overwrite an existing bond during keys distribution ph ...)
- TODO: check
+ NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2021-28216 (BootPerformanceTable pointer is read from an NVRAM variable in PEI. Re ...)
- edk2 <unfixed>
[bullseye] - edk2 <no-dsa> (Minor issue)
@@ -38167,7 +38167,7 @@ CVE-2021-3321
CVE-2021-3320 (Type Confusion in 802154 ACK Frames Handling. Zephyr versions >= v2 ...)
NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2021-3319 (DOS: Incorrect 802154 Frame Validation for Omitted Source / Dest Addre ...)
- TODO: check
+ NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2021-3318 (attach/ajax.php in DzzOffice through 2.02.1 allows XSS via the editori ...)
NOT-FOR-US: DzzOffice
CVE-2021-26274 (The Agent in NinjaRMM 5.0.909 has Insecure Permissions. ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2eaa7c45ad5d5e0e825e501d482693a7b369c0f1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2eaa7c45ad5d5e0e825e501d482693a7b369c0f1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211006/4b9f7386/attachment.htm>
More information about the debian-security-tracker-commits
mailing list