[Git][security-tracker-team/security-tracker][master] new guacamole issues

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4ab6b1d4 by Moritz Muehlenhoff at 2022-01-12T13:26:11+01:00
new guacamole issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9396,7 +9396,8 @@ CVE-2021-44001 (A vulnerability has been identified in JT2Go (All versions <
 CVE-2021-44000
 	RESERVED
 CVE-2021-43999 (Apache Guacamole 1.2.0 and 1.3.0 do not properly validate responses re ...)
-	TODO: check
+	- guacamole-client <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2022/01/11/7
 CVE-2021-3976 (kimai2 is vulnerable to Cross-Site Request Forgery (CSRF) ...)
 	NOT-FOR-US: kimai2
 CVE-2021-3975 [segmentation fault during VM shutdown can lead to vdsm hung]
@@ -18204,7 +18205,8 @@ CVE-2021-41769 (A vulnerability has been identified in SIPROTEC 5 6MD85 devices
 CVE-2021-41768
 	RESERVED
 CVE-2021-41767 (Apache Guacamole 1.3.0 and older may incorrectly include a private tun ...)
-	TODO: check
+	- guacamole-client <unfixed>
+	NOTE: https://www.openwall.com/lists/oss-security/2022/01/11/6
 CVE-2021-3837 (openwhyd is vulnerable to Improper Authorization ...)
 	NOT-FOR-US: openwhyd
 CVE-2021-41766



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ab6b1d42e9bf9e9d7f875fad59de8084ed11d1d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4ab6b1d42e9bf9e9d7f875fad59de8084ed11d1d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220112/8ef54bf2/attachment.htm>