[Git][security-tracker-team/security-tracker][master] automatic update

Sun Oct 17 09:10:23 BST 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9b983d88 by security tracker role at 2021-10-17T08:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -109071,7 +109071,7 @@ CVE-2020-11082 (In Kaminari before 1.2.1, there is a vulnerability that would al
 CVE-2020-11081 (osquery before version 4.4.0 enables a privilege escalation vulnerabil ...)
 	- osquery <itp> (bug #803502)
 CVE-2020-11080 (In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS fra ...)
-	{DSA-4696-1}
+	{DSA-4696-1 DLA-2786-1}
 	- nghttp2 1.41.0-1
 	- nodejs 10.21.0~dfsg-1 (bug #962145)
 	[stretch] - nodejs <ignored> (Nodejs in stretch not covered by security support)
@@ -221203,6 +221203,7 @@ CVE-2018-9860 (An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0
 CVE-2018-9859 (The path of Whale update service was unquoted in NAVER Whale before 1. ...)
 	NOT-FOR-US: Whale
 CVE-2018-1000168 (nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Imp ...)
+	{DLA-2786-1}
 	- nghttp2 1.31.1-1 (low; bug #895566)
 	[jessie] - nghttp2 <not-affected> (Issue introduced in 1.10.0)
 	NOTE: Affected versions: nghttp2 >= 1.10.0 and nghttp2 <= v1.31.0



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b983d88b0693e5b37a17551f98d33184aca7ee3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b983d88b0693e5b37a17551f98d33184aca7ee3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211017/488c3b77/attachment.htm>
