[Git][security-tracker-team/security-tracker][master] buster/bullseye triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Feb 3 18:46:19 GMT 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
64eb78cb by Moritz Muehlenhoff at 2022-02-03T19:45:55+01:00
buster/bullseye triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -14112,6 +14112,8 @@ CVE-2021-3980 (elgg is vulnerable to Exposure of Private Personal Information to
CVE-2021-3979 [ceph: Ceph volume does not honour osd_dmcrypt_key_size]
RESERVED
- ceph <unfixed>
+ [bullseye] - ceph <no-dsa> (Minor issue)
+ [buster] - ceph <no-dsa> (Minor issue)
[stretch] - ceph <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2022/01/11/5
CVE-2021-44034
@@ -26105,6 +26107,8 @@ CVE-2021-40530 (The ElGamal implementation in Crypto++ through 8.5 allows plaint
NOTE: https://github.com/weidai11/cryptopp/commit/bee8e8ca6658 (CRYPTOPP_8_6_0)
CVE-2021-40529 (The ElGamal implementation in Botan through 2.18.1, as used in Thunder ...)
- botan 2.18.1+dfsg-3 (bug #993840)
+ [bullseye] - botan <no-dsa> (Minor issue)
+ [buster] - botan <no-dsa> (Minor issue)
- botan1.10 <removed>
[stretch] - botan1.10 <ignored> (Affected function encrypt(...) has changed drastically. Backport is too instrusive to backport)
NOTE: https://eprint.iacr.org/2021/923
@@ -68090,6 +68094,8 @@ CVE-2021-23728
RESERVED
CVE-2021-23727 (This affects the package celery before 5.2.2. It by default trusts the ...)
- celery 5.2.3-1
+ [bullseye] - celery <no-dsa> (Minor issue)
+ [buster] - celery <not-affected> (Vulnerable code not present)
[stretch] - celery <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/celery/celery/commit/5c3f1559df16c32fb8d82918b4497f688d42ad0a (v5.2.3)
NOTE: Introduced by: https://github.com/celery/celery/commit/d20b8a5d469c80f48468e251cbe6451c798d1c29 (4.4.0rc1)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64eb78cb0eb427ad45e0729e36c9456078ea6a38
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64eb78cb0eb427ad45e0729e36c9456078ea6a38
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220203/44475480/attachment.htm>
More information about the debian-security-tracker-commits
mailing list