[Git][security-tracker-team/security-tracker][master] kubectl no-dsa

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Jan 11 14:14:49 GMT 2022 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9e12bdc8 by Moritz Muehlenhoff at 2022-01-11T15:14:31+01:00
kubectl no-dsa
fix up one nodejs commit reference

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7577,12 +7577,12 @@ CVE-2021-44532 [Certificate Verification Bypass via String Injection]
 	RESERVED
 	- nodejs <unfixed>
 	NOTE: https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/#certificate-verification-bypass-via-string-injection-medium-cve-2021-44532
-	NOTE: https://github.com/nodejs/node/commit/e0fe6a635e5929a364986a6c39dc3585b9ddcd85 (v12.x)
 	NOTE: https://github.com/nodejs/node/commit/19873abfb24dce75ffff042efe76dc5633052677 (v12.x)
 CVE-2021-44531 [Improper handling of URI Subject Alternative Names]
 	RESERVED
 	- nodejs <unfixed>
 	NOTE: https://nodejs.org/en/blog/vulnerability/jan-2022-security-releases/#improper-handling-of-uri-subject-alternative-names-medium-cve-2021-44531
+	NOTE: https://github.com/nodejs/node/commit/e0fe6a635e5929a364986a6c39dc3585b9ddcd85 (v12.x)
 	NOTE: https://github.com/nodejs/node/commit/a5c7843cab6fdb9c845edadc2a7b9b30e02c8bf2 (v12.x)
 CVE-2021-44530
 	RESERVED
@@ -57759,8 +57759,8 @@ CVE-2021-25744
 	RESERVED
 CVE-2021-25743 (kubectl does not neutralize escape, meta or control sequences containe ...)
 	- kubernetes <unfixed>
+	[bullseye] - kubernetes <no-dsa> (Minor issue)
 	NOTE: https://github.com/kubernetes/kubernetes/issues/101695
-	TODO: check details
 CVE-2021-25742 (A security issue was discovered in ingress-nginx where a user that can ...)
 	NOT-FOR-US: Kubernetes ingress-nginx component
 CVE-2021-25741 (A security issue was discovered in Kubernetes where a user may be able ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e12bdc8642f52781085b618ffe644d2e4de1aae

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e12bdc8642f52781085b618ffe644d2e4de1aae
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220111/bfd76f5e/attachment.htm>

More information about the debian-security-tracker-commits mailing list