[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Sep 6 09:43:34 BST 2021 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
59d2f5b1 by Moritz Muehlenhoff at 2021-09-06T10:43:12+02:00
NFUs
pure-ftpd no-dsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4,6 +4,8 @@ CVE-2021-3771
 	RESERVED
 CVE-2021-40524 (In Pure-FTPd 1.0.49, an incorrect max_filesize quota mechanism in the  ...)
 	- pure-ftpd <unfixed>
+	[bullseye] - pure-ftpd <no-dsa> (Minor issue)
+	[buster] - pure-ftpd <no-dsa> (Minor issue)
 	NOTE: https://github.com/jedisct1/pure-ftpd/pull/158
 CVE-2021-40523 (In Contiki 3.0, Telnet option negotiation is mishandled. During negoti ...)
 	NOT-FOR-US: Contiki
@@ -3015,7 +3017,7 @@ CVE-2021-39195
 CVE-2021-39194
 	RESERVED
 CVE-2021-39193 (Frontier is Substrate's Ethereum compatibility layer. Prior to commit  ...)
-	TODO: check
+	NOT-FOR-US: Frontier
 CVE-2021-39192 (Ghost is a Node.js content management system. An error in the implemen ...)
 	NOT-FOR-US: Ghost CMS
 CVE-2021-39191 (mod_auth_openidc is an authentication/authorization module for the Apa ...)
@@ -40890,7 +40892,7 @@ CVE-2021-23441
 CVE-2021-23440
 	RESERVED
 CVE-2021-23439 (This affects the package file-upload-with-preview before 4.2.0. A file ...)
-	TODO: check
+	NOT-FOR-US: Node file-upload-with-preview
 CVE-2021-23438 (This affects the package mpath before 0.8.4. A type confusion vulnerab ...)
 	NOT-FOR-US: Node mpath
 CVE-2021-23437 (The package pillow from 0 and before 8.3.2 are vulnerable to Regular E ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59d2f5b19792ef88e8cb82a052e15ef7b8f873c2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59d2f5b19792ef88e8cb82a052e15ef7b8f873c2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210906/5a754a79/attachment.htm>

More information about the debian-security-tracker-commits mailing list