[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Oct 12 09:10:23 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
35d6e140 by security tracker role at 2021-10-12T08:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2021-42262
+	RESERVED
+CVE-2021-42261
+	RESERVED
+CVE-2021-42260 (TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp  ...)
+	TODO: check
+CVE-2021-42259
+	RESERVED
+CVE-2021-42258
+	RESERVED
+CVE-2021-42257 (check_smart before 6.9.1 allows unintended drive access by an unprivil ...)
+	TODO: check
+CVE-2021-42256
+	RESERVED
+CVE-2021-3878
+	RESERVED
 CVE-2021-42255
 	RESERVED
 CVE-2021-42254
@@ -9180,7 +9196,7 @@ CVE-2021-38302 (The Newsletter extension through 4.0.0 for TYPO3 allows SQL Inje
 	NOT-FOR-US: Newsletter extension for TYPO3
 CVE-2021-38301
 	RESERVED
-CVE-2021-38300 (arch/mips/net/bpf_jit.c in the Linux kernel through 5.14.6 can generat ...)
+CVE-2021-38300 (arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate ...)
 	- linux 5.14.6-1
 	[bullseye] - linux 5.10.70-1
 	[stretch] - linux <ignored> (mips not supported in LTS)
@@ -45494,8 +45510,8 @@ CVE-2021-23450
 	RESERVED
 CVE-2021-23449
 	RESERVED
-CVE-2021-23448
-	RESERVED
+CVE-2021-23448 (All versions of package config-handler are vulnerable to Prototype Pol ...)
+	TODO: check
 CVE-2021-23447 (This affects the package teddy before 0.5.9. A type confusion vulnerab ...)
 	TODO: check
 CVE-2021-23446 (The package handsontable before 10.0.0; the package handsontable from  ...)
@@ -73802,6 +73818,7 @@ CVE-2020-24744
 CVE-2020-24743
 	RESERVED
 CVE-2020-24742 (An issue has been fixed in Qt versions 5.14.0 where QPluginLoader atte ...)
+	{DSA-4617-1}
 	- qtbase-opensource-src 5.12.5+dfsg-8
 	- qtbase-opensource-src-gles 5.14.2+dfsg-3
 	- qt4-x11 <not-affected> (Vulnerable code introduced later)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/35d6e14050f7681bd23a325549370b5ae3432852

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/35d6e14050f7681bd23a325549370b5ae3432852
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211012/544b96a9/attachment.htm>

More information about the debian-security-tracker-commits mailing list