[Git][security-tracker-team/security-tracker][master] php-illuminate-database, lemonldap ospus
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Feb 25 11:14:49 GMT 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
85910636 by Moritz Mühlenhoff at 2022-02-25T12:14:10+01:00
php-illuminate-database, lemonldap ospus
- - - - -
2 changed files:
- data/CVE/list
- data/next-oldstable-point-update.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -69552,6 +69552,7 @@ CVE-2021-25281 (An issue was discovered in through SaltStack Salt before 3002.5.
CVE-2021-XXXX [SQL Server LIMIT / OFFSET SQL Injection]
- php-laravel-framework 6.20.14+dfsg-2 (bug #987831)
- php-illuminate-database <removed> (bug #987848)
+ [buster] - php-illuminate-database <no-dsa> (Minor issue)
NOTE: https://github.com/laravel/framework/security/advisories/GHSA-4mg9-vhxq-vm7j
NOTE: https://blog.laravel.com/security-sql-injection-in-sql-server-limit-offset
CVE-2021-XXXX [Unexpected database bindings via requests (follow-up)]
@@ -69561,6 +69562,7 @@ CVE-2021-XXXX [Unexpected database bindings via requests (follow-up)]
CVE-2021-21263 (Laravel is a web application framework. Versions of Laravel before 6.2 ...)
- php-laravel-framework 6.20.11+dfsg-1 (bug #980095)
- php-illuminate-database <removed> (bug #980899)
+ [buster] - php-illuminate-database <no-dsa> (Minor issue)
NOTE: https://blog.laravel.com/security-laravel-62011-7302-8221-released
NOTE: https://github.com/laravel/framework/security/advisories/GHSA-3p32-j457-pg5x
NOTE: https://github.com/laravel/framework/pull/35865
=====================================
data/next-oldstable-point-update.txt
=====================================
@@ -238,3 +238,10 @@ CVE-2022-23307
[buster] - apache-log4j1.2 1.2.17-8+deb10u2
CVE-2021-44832
[buster] - apache-log4j2 2.17.1-1~deb10u1
+CVE-2021-40874
+ [buster] - lemonldap-ng 2.0.2+ds-7+deb10u7
+CVE-2021-XXXX [SQL Server LIMIT / OFFSET SQL Injection]
+ [buster] - php-illuminate-database 5.7.27-1+deb10u1
+CVE-2021-21263 (Laravel is a web application framework. Versions of Laravel before 6.2 ...)
+ - php-laravel-framework 6.20.11+dfsg-1 (bug #980095)
+ [buster] - php-illuminate-database 5.7.27-1+deb10u1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/859106362281d56fedb24453e1fdf48ce82efb91
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/859106362281d56fedb24453e1fdf48ce82efb91
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220225/3b0dbfd3/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list