[Git][security-tracker-team/security-tracker][master] automatic update

Sat Oct 30 21:10:29 BST 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7adcfd96 by security tracker role at 2021-10-30T20:10:21+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,13 @@
+CVE-2021-43083
+	RESERVED
+CVE-2021-43082
+	RESERVED
+CVE-2021-3915
+	RESERVED
+CVE-2020-36505
+	RESERVED
+CVE-2020-36504
+	RESERVED
 CVE-2021-43081
 	RESERVED
 CVE-2021-43080
@@ -15949,8 +15959,8 @@ CVE-2021-36810
 	RESERVED
 CVE-2021-36809
 	RESERVED
-CVE-2021-36808
-	RESERVED
+CVE-2021-36808 (A local attacker could bypass the app password using a race condition  ...)
+	TODO: check
 CVE-2021-36807
 	RESERVED
 CVE-2021-36806
@@ -169771,15 +169781,15 @@ CVE-2019-9708 (An issue was discovered in Mahara 17.10 before 17.10.8, 18.04 bef
 CVE-2019-9707
 	RESERVED
 CVE-2019-9705 (Vixie Cron before the 3.0pl1-133 Debian package allows local users to  ...)
-	{DLA-1723-1}
+	{DLA-2801-1 DLA-1723-1}
 	- cron 3.0pl1-133 (low)
 	NOTE: Fixed by: https://salsa.debian.org/debian/cron/commit/26814a26
 CVE-2019-9706 (Vixie Cron before the 3.0pl1-133 Debian package allows local users to  ...)
-	{DLA-1723-1}
+	{DLA-2801-1 DLA-1723-1}
 	- cron 3.0pl1-133 (bug #809167)
 	NOTE: Fixed by: https://salsa.debian.org/debian/cron/commit/40791b93
 CVE-2019-9704 (Vixie Cron before the 3.0pl1-133 Debian package allows local users to  ...)
-	{DLA-1723-1}
+	{DLA-2801-1 DLA-1723-1}
 	- cron 3.0pl1-133 (low)
 	NOTE: Fixed by: https://salsa.debian.org/debian/cron/commit/f2525567
 CVE-2019-9703 (Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible  ...)
@@ -274024,7 +274034,7 @@ CVE-2017-9524 (The qemu-nbd server in QEMU (aka Quick Emulator), when built with
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-05/msg06240.html
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2017-06/msg02321.html
 CVE-2017-9525 (In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-1 ...)
-	{DLA-1723-1}
+	{DLA-2801-1 DLA-1723-1}
 	- cron 3.0pl1-129 (bug #864466)
 	[wheezy] - cron <no-dsa> (Minor issue)
 	- systemd-cron 1.5.17-2 (bug #993731)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7adcfd9631a38d0392059033862e5f0b9623f501

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7adcfd9631a38d0392059033862e5f0b9623f501
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211030/3dbac347/attachment.htm>
