[Git][security-tracker-team/security-tracker][master] 3 commits: add gpac

Thu Oct 21 14:11:18 BST 2021


Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3f0cae72 by Thorsten Alteholz at 2021-10-21T15:00:26+02:00
add gpac

- - - - -
267a2047 by Thorsten Alteholz at 2021-10-21T15:02:33+02:00
mark two CVEs of vim as no-dsa for Stretch

- - - - -
99dd3f50 by Thorsten Alteholz at 2021-10-21T15:05:04+02:00
mark two CVEs of atomicparsley as no-dsa for Stretch

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -2618,6 +2618,7 @@ CVE-2021-3875 (vim is vulnerable to Heap-based Buffer Overflow ...)
 	- vim <unfixed> (bug #996593)
 	[bullseye] - vim <no-dsa> (Minor issue)
 	[buster] - vim <no-dsa> (Minor issue)
+	[stretch] - vim <no-dsa> (Minor issue)
 	NOTE: https://huntr.dev/bounties/5cdbc168-6ba1-4bc2-ba6c-28be12166a53/
 	NOTE: https://github.com/vim/vim/commit/35a319b77f897744eec1155b736e9372c9c5575f (v8.2.3489)
 CVE-2021-42133
@@ -2692,6 +2693,7 @@ CVE-2021-42101
 	RESERVED
 CVE-2021-3872 (vim is vulnerable to Heap-based Buffer Overflow ...)
 	- vim <unfixed>
+	[stretch] - vim <no-dsa> (Minor issue)
 	NOTE: https://huntr.dev/bounties/c958013b-1c09-4939-92ca-92f50aa169e8
 	NOTE: https://github.com/vim/vim/commit/826bfe4bbd7594188e3d74d2539d9707b1c6a14b
 CVE-2021-3871
@@ -14202,6 +14204,7 @@ CVE-2021-37233
 	RESERVED
 CVE-2021-37232 (A stack overflow vulnerability occurs in Atomicparsley 20210124.204813 ...)
 	- atomicparsley 20210715.151551.e7ad03a-1 (bug #993366)
+	[stretch] - atomicparsley <no-dsa> (Minor issue)
 	- gtkpod <unfixed> (bug #993376)
 	[bullseye] - gtkpod <ignored> (Minor issue)
 	[buster] - gtkpod <ignored> (Minor issue)
@@ -14210,6 +14213,7 @@ CVE-2021-37232 (A stack overflow vulnerability occurs in Atomicparsley 20210124.
 	NOTE: https://github.com/wez/atomicparsley/issues/32
 CVE-2021-37231 (A stack-buffer-overflow occurs in Atomicparsley 20210124.204813.840499 ...)
 	- atomicparsley 20210715.151551.e7ad03a-1 (bug #993372)
+	[stretch] - atomicparsley <no-dsa> (Minor issue)
 	- gtkpod <unfixed> (bug #993375)
 	[bullseye] - gtkpod <ignored> (Minor issue)
 	[buster] - gtkpod <ignored> (Minor issue)


=====================================
data/dla-needed.txt
=====================================
@@ -44,6 +44,8 @@ firmware-nonfree
   NOTE: 20210731: WIP: https://salsa.debian.org/lts-team/packages/firmware-nonfree
   NOTE: 20210828: Most CVEs are difficult to backport. Contacted Ben regarding possible "ignore" tag
 --
+gpac
+--
 linux (Ben Hutchings)
 --
 linux-4.19 (Ben Hutchings)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/839cb5b9da7d79aa389d8ccd47f751b93d4a47f7...99dd3f50eebe4cbc2ce32fe41c293b56c13fbc26

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/839cb5b9da7d79aa389d8ccd47f751b93d4a47f7...99dd3f50eebe4cbc2ce32fe41c293b56c13fbc26
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211021/7356cfd9/attachment.htm>
