[Git][security-tracker-team/security-tracker][master] NFU (concludes external check)

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Sep 2 12:43:10 BST 2021 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
607e569b by Moritz Muehlenhoff at 2021-09-02T13:42:30+02:00
NFU (concludes external check)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -268,6 +268,8 @@ CVE-2021-40320
 CVE-2021-3750 [hcd-ehci: DMA reentrancy issue leads to use-after-free]
 	RESERVED
 	- qemu <unfixed>
+	[bullseye] - qemu <no-dsa> (Minor issue)
+	[buster] - qemu <no-dsa> (Minor issue)
 	NOTE: https://gitlab.com/qemu-project/qemu/-/issues/541
 	NOTE: Fix for whole class of DMA MMIO reentrancy issues: https://gitlab.com/qemu-project/qemu/-/issues/556
 	NOTE: Patchset: https://lists.nongnu.org/archive/html/qemu-devel/2021-08/msg03692.html
@@ -1765,7 +1767,9 @@ CVE-2021-39616
 CVE-2021-3733 [Denial of service when identifying crafted invalid RFCs]
 	RESERVED
 	- python3.9 3.9.7-1
+	[bullseye] - python3.9 <no-dsa> (Minor issue)
 	- python3.7 <removed>
+	[buster] - python3.7 <no-dsa> (Minor issue)
 	- python3.5 <removed>
 	NOTE: https://bugs.python.org/issue43075
 	NOTE: https://github.com/python/cpython/pull/24391
@@ -40697,7 +40701,7 @@ CVE-2021-23408 (This affects the package com.graphhopper:graphhopper-web-bundle
 CVE-2021-23407 (This affects the package elFinder.Net.Core from 0 and before 1.2.4. Th ...)
 	NOT-FOR-US: elFinder.Net.Core
 CVE-2021-23406 (This affects the package pac-resolver before 5.0.0. This can occur whe ...)
-	TODO: check
+	NOT-FOR-US: Node pac-resolver
 CVE-2021-23405 (This affects the package pimcore/pimcore before 10.0.7. This issue exi ...)
 	NOT-FOR-US: Pimcore
 CVE-2021-23404



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/607e569b26c1b5a03903735e187e58106fc25bed

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/607e569b26c1b5a03903735e187e58106fc25bed
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210902/6c7c8885/attachment.htm>

More information about the debian-security-tracker-commits mailing list