[Git][security-tracker-team/security-tracker][master] automatic update

Mon Oct 11 09:10:25 BST 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6e5a604a by security tracker role at 2021-10-11T08:10:16+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,31 @@
+CVE-2021-42147
+	RESERVED
+CVE-2021-42146
+	RESERVED
+CVE-2021-42145
+	RESERVED
+CVE-2021-42144
+	RESERVED
+CVE-2021-42143
+	RESERVED
+CVE-2021-42142
+	RESERVED
+CVE-2021-42141
+	RESERVED
+CVE-2021-42140
+	RESERVED
+CVE-2021-42139 (Deno before 0.107.0 allows Code Injection via an untrusted YAML file i ...)
+	TODO: check
+CVE-2021-42138
+	RESERVED
+CVE-2021-42137 (An issue was discovered in Zammad before 5.0.1. In some cases, there i ...)
+	TODO: check
+CVE-2021-42136
+	RESERVED
+CVE-2021-42135 (HashiCorp Vault and Vault Enterprise 1.8.x through 1.8.4 may have an u ...)
+	TODO: check
+CVE-2021-42134 (The Unicorn framework before 0.36.1 for Django allows XSS via a compon ...)
+	TODO: check
 CVE-2021-3876
 	RESERVED
 CVE-2021-3875
@@ -2455,8 +2483,8 @@ CVE-2021-41057
 	RESERVED
 CVE-2021-41056
 	RESERVED
-CVE-2021-41055
-	RESERVED
+CVE-2021-41055 (Gajim 1.2.x and 1.3.x before 1.3.3 allows remote attackers to cause a  ...)
+	TODO: check
 CVE-2021-41053
 	RESERVED
 CVE-2021-41052
@@ -23752,6 +23780,7 @@ CVE-2021-32068 (The AWV and MiCollab Client Service components in Mitel MiCollab
 CVE-2021-32067 (The MiCollab Client Service component in Mitel MiCollab before 9.3 cou ...)
 	NOT-FOR-US: Mitel
 CVE-2021-32066 (An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, an ...)
+	{DLA-2780-1}
 	- ruby2.7 2.7.4-1 (bug #990815)
 	- ruby2.5 <removed>
 	- ruby2.3 <removed>
@@ -24666,6 +24695,7 @@ CVE-2021-31811 (In Apache PDFBox, a carefully crafted PDF file can trigger an Ou
 	NOTE: https://www.openwall.com/lists/oss-security/2021/06/12/2
 	NOTE: https://github.com/apache/pdfbox/commit/cd17a19e9ab1028dc662e972dd8dbb3fa68b4a33
 CVE-2021-31810 (An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, an ...)
+	{DLA-2780-1}
 	- ruby2.7 2.7.4-1 (bug #990815)
 	- ruby2.5 <removed>
 	- ruby2.3 <removed>
@@ -24726,6 +24756,7 @@ CVE-2021-31800 (Multiple path traversal vulnerabilities exist in smbserver.py in
 	[stretch] - impacket <no-dsa> (Minor issue)
 	NOTE: https://github.com/SecureAuthCorp/impacket/commit/49c643bf66620646884ed141c94e5fdd85bcdd2f
 CVE-2021-31799 (In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby throug ...)
+	{DLA-2780-1}
 	- ruby2.7 2.7.4-1 (bug #990815)
 	- ruby2.5 <removed>
 	- ruby2.3 <removed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e5a604adeb1944a6e80e53687a35e93362d2c31

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e5a604adeb1944a6e80e53687a35e93362d2c31
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211011/76fdc282/attachment-0001.htm>
