[Git][security-tracker-team/security-tracker][master] buster/bullseye triage

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Jan 10 17:32:02 GMT 2022 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d012b8bb by Moritz Muehlenhoff at 2022-01-10T18:31:50+01:00
buster/bullseye triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -6750,6 +6750,7 @@ CVE-2021-44538 (The olm_session_describe function in Matrix libolm before 3.2.7
 	{DSA-5034-1 DLA-2874-1}
 	- element-web <itp> (bug #866502)
 	- olm 3.2.8~dfsg-1 (bug #1001664)
+	[bullseye] - olm <no-dsa> (Minor issue)
 	[buster] - olm <not-affected> (Vulnerable code introduced later)
 	- node-matrix-js-sdk <unfixed>
 	- thunderbird 1:91.4.1-1
@@ -10616,6 +10617,8 @@ CVE-2021-43519 (Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5
 	NOTE: Fixed by: https://github.com/lua/lua/commit/74d99057a5146755e737c479850f87fd0e3b6868
 CVE-2021-43518 (Teeworlds up to and including 0.7.5 is vulnerable to Buffer Overflow.  ...)
 	- teeworlds <unfixed>
+	[bullseye] - teeworlds <no-dsa> (Minor issue)
+	[buster] - teeworlds <no-dsa> (Minor issue)
 	NOTE: https://github.com/teeworlds/teeworlds/issues/2981
 	NOTE: https://mmmds.pl/fuzzing-map-parser-part-1-teeworlds/
 CVE-2021-43517


=====================================
data/dsa-needed.txt
=====================================
@@ -26,6 +26,8 @@ faad2/oldstable (jmm)
 --
 librecad
 --
+lighttpd (jmm)
+--
 linux (carnil)
   Wait until more issues have piled up, though try to regulary rebase for point
   releases to more recent v4.19.y versions.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d012b8bb5ec9413a949a226cba97980babe4ff01

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d012b8bb5ec9413a949a226cba97980babe4ff01
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220110/2100cd8a/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list