[Git][security-tracker-team/security-tracker][master] buster/bullseye triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Jan 17 08:33:32 GMT 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3c26aa00 by Moritz Muehlenhoff at 2022-01-17T09:33:02+01:00
buster/bullseye triage
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -2389,6 +2389,7 @@ CVE-2022-0120
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-0119
RESERVED
@@ -2396,116 +2397,139 @@ CVE-2022-0118
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-0117
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-0116
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-0115
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-0114
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-0113
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-0112
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-0111
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-0110
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-0109
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-0108
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-0107
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-0106
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-0105
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-0104
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-0103
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-0102
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-0101
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-0100
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-0099
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-0098
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-0097
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-0096
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2022-0095
RESERVED
@@ -3479,40 +3503,40 @@ CVE-2021-45958 (UltraJSON (aka ujson) 4.0.2 through 5.0.0 has a stack-based buff
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36009
TODO: claimed to be fixed in range https://github.com/ultrajson/ultrajson/compare/e3ccc5a1ff945275106d9323c00683fafeffc04a...682c6601569980e9a8a05378d3c1478db30384bc which seem to indicate the fuzzing did not really was helpful and CVE is bogus
CVE-2021-45957 (Dnsmasq 2.86 has a heap-based buffer overflow in answer_request (calle ...)
- - dnsmasq <unfixed>
+ - dnsmasq <unfixed> (unimportant)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35920
NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2021-935.yaml
- TODO: check, the introducing commit seems odd, and might be just related to when fuzzing started, and is same for other dnsmaq and oss-fuzz related reports.
+ NOTE: Non issue, result of poorly automated fuzzing effort
CVE-2021-45956 (Dnsmasq 2.86 has a heap-based buffer overflow in print_mac (called fro ...)
- - dnsmasq <unfixed>
+ - dnsmasq <unfixed> (unimportant)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35887
NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2021-933.yaml
- TODO: check, the introducing commit seems odd, and might be just related to when fuzzing started, and is same for other dnsmaq and oss-fuzz related reports.
+ NOTE: Non issue, result of poorly automated fuzzing effort
CVE-2021-45955 (Dnsmasq 2.86 has a heap-based buffer overflow in resize_packet (called ...)
- - dnsmasq <unfixed>
+ - dnsmasq <unfixed> (unimportant)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35898
NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2021-932.yaml
- TODO: check, the introducing commit seems odd, and might be just related to when fuzzing started, and is same for other dnsmaq and oss-fuzz related reports.
+ NOTE: Non issue, result of poorly automated fuzzing effort
CVE-2021-45954 (Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called ...)
- - dnsmasq <unfixed>
+ - dnsmasq <unfixed> (unimportant)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35861
NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2021-931.yaml
- TODO: check, the introducing commit seems odd, and might be just related to when fuzzing started, and is same for other dnsmaq and oss-fuzz related reports.
+ NOTE: Non issue, result of poorly automated fuzzing effort
CVE-2021-45953 (Dnsmasq 2.86 has a heap-based buffer overflow in extract_name (called ...)
- - dnsmasq <unfixed>
+ - dnsmasq <unfixed> (unimportant)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35858
NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2021-929.yaml
- TODO: check, the introducing commit seems odd, and might be just related to when fuzzing started, and is same for other dnsmaq and oss-fuzz related reports.
+ NOTE: Non issue, result of poorly automated fuzzing effort
CVE-2021-45952 (Dnsmasq 2.86 has a heap-based buffer overflow in dhcp_reply (called fr ...)
- - dnsmasq <unfixed>
+ - dnsmasq <unfixed> (unimportant)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35870
NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2021-927.yaml
- TODO: check, the introducing commit seems odd, and might be just related to when fuzzing started, and is same for other dnsmaq and oss-fuzz related reports.
+ NOTE: Non issue, result of poorly automated fuzzing effort
CVE-2021-45951 (Dnsmasq 2.86 has a heap-based buffer overflow in check_bad_address (ca ...)
- - dnsmasq <unfixed>
+ - dnsmasq <unfixed> (unimportant)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35868
NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2021-924.yaml
- TODO: check, the introducing commit seems odd, and might be just related to when fuzzing started, and is same for other dnsmaq and oss-fuzz related reports.
+ NOTE: Non issue, result of poorly automated fuzzing effort
CVE-2021-45950 (LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds write in ...)
- libredwg <itp> (bug #595191)
CVE-2021-45949 (Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based buffer overf ...)
@@ -7624,26 +7648,31 @@ CVE-2021-4102
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4101
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4100
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4099
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4098
RESERVED
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4097 (phpservermon is vulnerable to Improper Neutralization of CRLF Sequence ...)
NOT-FOR-US: phpservermon
@@ -8003,10 +8032,12 @@ CVE-2021-44693
CVE-2021-4079 (Out of bounds write in WebRTC in Google Chrome prior to 96.0.4664.93 a ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4078 (Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4077
RESERVED
@@ -8331,6 +8362,8 @@ CVE-2021-44549 (Apache Sling Commons Messaging Mail provides a simple layer on t
NOT-FOR-US: Apache Sling
CVE-2021-4069 (vim is vulnerable to Use After Free ...)
- vim 2:8.2.3995-1
+ [bullseye] - vim <no-dsa> (Minor issue)
+ [buster] - vim <no-dsa> (Minor issue)
NOTE: https://huntr.dev/bounties/0efd6d23-2259-4081-9ff1-3ade26907d74/
NOTE: https://github.com/vim/vim/commit/e031fe90cf2e375ce861ff5e5e281e4ad229ebb9 (v8.2.3741)
CVE-2021-44548 (An Improper Input Validation vulnerability in DataImportHandler of Apa ...)
@@ -8338,68 +8371,84 @@ CVE-2021-44548 (An Improper Input Validation vulnerability in DataImportHandler
CVE-2021-4068 (Insufficient data validation in new tab page in Google Chrome prior to ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4067 (Use after free in window manager in Google Chrome on ChromeOS prior to ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4066 (Integer underflow in ANGLE in Google Chrome prior to 96.0.4664.93 allo ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4065 (Use after free in autofill in Google Chrome prior to 96.0.4664.93 allo ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4064 (Use after free in screen capture in Google Chrome on ChromeOS prior to ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4063 (Use after free in developer tools in Google Chrome prior to 96.0.4664. ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4062 (Heap buffer overflow in BFCache in Google Chrome prior to 96.0.4664.93 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4061 (Type confusion in V8 in Google Chrome prior to 96.0.4664.93 allowed a ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4060
RESERVED
CVE-2021-4059 (Insufficient data validation in loader in Google Chrome prior to 96.0. ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4058 (Heap buffer overflow in ANGLE in Google Chrome prior to 96.0.4664.93 a ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4057 (Use after free in file API in Google Chrome prior to 96.0.4664.93 allo ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4056 (Type confusion in loader in Google Chrome prior to 96.0.4664.93 allowe ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4055 (Heap buffer overflow in extensions in Google Chrome prior to 96.0.4664 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4054 (Incorrect security UI in autofill in Google Chrome prior to 96.0.4664. ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4053 (Use after free in UI in Google Chrome on Linux prior to 96.0.4664.93 a ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4052 (Use after free in web apps in Google Chrome prior to 96.0.4664.93 allo ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-4051
RESERVED
@@ -20215,10 +20264,14 @@ CVE-2021-41166
RESERVED
CVE-2021-41165 (CKEditor4 is an open source WYSIWYG HTML editor. In affected version a ...)
- ckeditor <unfixed> (bug #999909)
+ [bullseye] - ckeditor <no-dsa> (Minor issue)
+ [buster] - ckeditor <no-dsa> (Minor issue)
[stretch] - ckeditor <no-dsa> (Minor issue)
NOTE: https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-7h26-63m7-qhf2 (v4.17.0)
CVE-2021-41164 (CKEditor4 is an open source WYSIWYG HTML editor. In affected versions ...)
- ckeditor <unfixed> (bug #999909)
+ [bullseye] - ckeditor <no-dsa> (Minor issue)
+ [buster] - ckeditor <no-dsa> (Minor issue)
[stretch] - ckeditor <no-dsa> (Minor issue)
NOTE: https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-pvmx-g8h5-cprj (v4.17.0)
CVE-2021-41163 (Discourse is an open source platform for community discussion. In affe ...)
@@ -28009,268 +28062,334 @@ CVE-2021-38023
CVE-2021-38022 (Inappropriate implementation in WebAuthentication in Google Chrome pri ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-38021 (Inappropriate implementation in referrer in Google Chrome prior to 96. ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-38020 (Insufficient policy enforcement in contacts picker in Google Chrome on ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-38019 (Insufficient policy enforcement in CORS in Google Chrome prior to 96.0 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-38018 (Inappropriate implementation in navigation in Google Chrome prior to 9 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-38017 (Insufficient policy enforcement in iframe sandbox in Google Chrome pri ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-38016 (Insufficient policy enforcement in background fetch in Google Chrome p ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-38015 (Inappropriate implementation in input in Google Chrome prior to 96.0.4 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-38014 (Out of bounds write in Swiftshader in Google Chrome prior to 96.0.4664 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-38013 (Heap buffer overflow in fingerprint recognition in Google Chrome on Ch ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-38012 (Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-38011 (Use after free in storage foundation in Google Chrome prior to 96.0.46 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-38010 (Inappropriate implementation in service workers in Google Chrome prior ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-38009 (Inappropriate implementation in cache in Google Chrome prior to 96.0.4 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-38008 (Use after free in media in Google Chrome prior to 96.0.4664.45 allowed ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-38007 (Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-38006 (Use after free in storage foundation in Google Chrome prior to 96.0.46 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-38005 (Use after free in loader in Google Chrome prior to 96.0.4664.45 allowe ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-38004 (Insufficient policy enforcement in Autofill in Google Chrome prior to ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-38003 (Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-38002 (Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-38001 (Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-38000 (Insufficient validation of untrusted input in Intents in Google Chrome ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37999 (Insufficient data validation in New Tab Page in Google Chrome prior to ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37998 (Use after free in Garbage Collection in Google Chrome prior to 95.0.46 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37997 (Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allow ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37996 (Insufficient validation of untrusted input Downloads in Google Chrome ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37995 (Inappropriate implementation in WebApp Installer in Google Chrome prio ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37994 (Inappropriate implementation in iFrame Sandbox in Google Chrome prior ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37993 (Use after free in PDF Accessibility in Google Chrome prior to 95.0.463 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37992 (Out of bounds read in WebAudio in Google Chrome prior to 95.0.4638.54 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37991 (Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote att ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37990 (Inappropriate implementation in WebView in Google Chrome on Android pr ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37989 (Inappropriate implementation in Blink in Google Chrome prior to 95.0.4 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37988 (Use after free in Profiles in Google Chrome prior to 95.0.4638.54 allo ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37987 (Use after free in Network APIs in Google Chrome prior to 95.0.4638.54 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37986 (Heap buffer overflow in Settings in Google Chrome prior to 95.0.4638.5 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37985 (Use after free in V8 in Google Chrome prior to 95.0.4638.54 allowed a ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37984 (Heap buffer overflow in PDFium in Google Chrome prior to 95.0.4638.54 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37983 (Use after free in Dev Tools in Google Chrome prior to 95.0.4638.54 all ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37982 (Use after free in Incognito in Google Chrome prior to 95.0.4638.54 all ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37981 (Heap buffer overflow in Skia in Google Chrome prior to 95.0.4638.54 al ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37980 (Inappropriate implementation in Sandbox in Google Chrome prior to 94.0 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37979 (heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37978 (Heap buffer overflow in Blink in Google Chrome prior to 94.0.4606.81 a ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37977 (Use after free in Garbage Collection in Google Chrome prior to 94.0.46 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37976 (Inappropriate implementation in Memory in Google Chrome prior to 94.0. ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37975 (Use after free in V8 in Google Chrome prior to 94.0.4606.71 allowed a ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37974 (Use after free in Safebrowsing in Google Chrome prior to 94.0.4606.71 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37973 (Use after free in Portals in Google Chrome prior to 94.0.4606.61 allow ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37972 (Out of bounds read in libjpeg-turbo in Google Chrome prior to 94.0.460 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37971 (Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37970 (Use after free in File System API in Google Chrome prior to 94.0.4606. ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37969 (Inappropriate implementation in Google Updater in Google Chrome on Win ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37968 (Inappropriate implementation in Background Fetch API in Google Chrome ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37967 (Inappropriate implementation in Background Fetch API in Google Chrome ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37966 (Inappropriate implementation in Compositing in Google Chrome on Androi ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37965 (Inappropriate implementation in Background Fetch API in Google Chrome ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37964 (Inappropriate implementation in ChromeOS Networking in Google Chrome o ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37963 (Side-channel information leakage in DevTools in Google Chrome prior to ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37962 (Use after free in Performance Manager in Google Chrome prior to 94.0.4 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37961 (Use after free in Tab Strip in Google Chrome prior to 94.0.4606.54 all ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37960
REJECTED
CVE-2021-37959 (Use after free in Task Manager in Google Chrome prior to 94.0.4606.54 ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37958 (Inappropriate implementation in Navigation in Google Chrome on Windows ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37957 (Use after free in WebGPU in Google Chrome prior to 94.0.4606.54 allowe ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37956 (Use after free in Offline use in Google Chrome on Android prior to 94. ...)
{DSA-5046-1}
- chromium 97.0.4692.71-0.1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-37955
RESERVED
@@ -29304,11 +29423,15 @@ CVE-2021-37531 (SAP NetWeaver Knowledge Management XML Forms versions - 7.10, 7.
NOT-FOR-US: SAP
CVE-2021-37530 (A denial of service vulnerabiity exists in fig2dev through 3.28a due t ...)
- fig2dev 1:3.2.8b-1
+ [bullseye] - fig2dev <no-dsa> (Minor issue)
+ [buster] - fig2dev <no-dsa> (Minor issue)
- transfig <removed>
NOTE: https://sourceforge.net/p/mcj/tickets/126/
NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/ff103511e49c44c83fc58e2092aa37e9019a3a9f/
CVE-2021-37529 (A double-free vulnerability exists in fig2dev through 3.28a is affecte ...)
- fig2dev 1:3.2.8b-1
+ [bullseye] - fig2dev <no-dsa> (Minor issue)
+ [buster] - fig2dev <no-dsa> (Minor issue)
- transfig <removed>
NOTE: https://sourceforge.net/p/mcj/tickets/125/
NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/899ea1277387ca9e9853bf61d29b7419d5692691/
@@ -46238,260 +46361,342 @@ CVE-2021-30634
RESERVED
CVE-2021-30633 (Use after free in Indexed DB API in Google Chrome prior to 93.0.4577.8 ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30632 (Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allow ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30631
REJECTED
CVE-2021-30630 (Inappropriate implementation in Blink in Google Chrome prior to 93.0.4 ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30629 (Use after free in Permissions in Google Chrome prior to 93.0.4577.82 a ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30628 (Stack buffer overflow in ANGLE in Google Chrome prior to 93.0.4577.82 ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30627 (Type confusion in Blink layout in Google Chrome prior to 93.0.4577.82 ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30626 (Out of bounds memory access in ANGLE in Google Chrome prior to 93.0.45 ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30625 (Use after free in Selection API in Google Chrome prior to 93.0.4577.82 ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30624 (Chromium: CVE-2021-30624 Use after free in Autofill ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30623 (Chromium: CVE-2021-30623 Use after free in Bookmarks ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30622 (Chromium: CVE-2021-30622 Use after free in WebApp Installs ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30621 (Chromium: CVE-2021-30621 UI Spoofing in Autofill ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30620 (Chromium: CVE-2021-30620 Insufficient policy enforcement in Blink ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30619 (Chromium: CVE-2021-30619 UI Spoofing in Autofill ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30618 (Chromium: CVE-2021-30618 Inappropriate implementation in DevTools ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30617 (Chromium: CVE-2021-30617 Policy bypass in Blink ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30616 (Chromium: CVE-2021-30616 Use after free in Media ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30615 (Chromium: CVE-2021-30615 Cross-origin data leak in Navigation ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30614 (Chromium: CVE-2021-30614 Heap buffer overflow in TabStrip ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30613 (Chromium: CVE-2021-30613 Use after free in Base internals ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30612 (Chromium: CVE-2021-30612 Use after free in WebRTC ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30611 (Chromium: CVE-2021-30611 Use after free in WebRTC ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30610 (Chromium: CVE-2021-30610 Use after free in Extensions API ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30609 (Chromium: CVE-2021-30609 Use after free in Sign-In ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30608 (Chromium: CVE-2021-30608 Use after free in Web Share ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30607 (Chromium: CVE-2021-30607 Use after free in Permissions ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30606 (Chromium: CVE-2021-30606 Use after free in Blink ...)
- chromium 93.0.4577.82-1
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30605 (Inappropriate implementation in the ChromeOS Readiness Tool installer ...)
NOT-FOR-US: ChromeOS Readiness Tool installer on Windows
CVE-2021-30604 (Use after free in ANGLE in Google Chrome prior to 92.0.4515.159 allowe ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30603 (Data race in WebAudio in Google Chrome prior to 92.0.4515.159 allowed ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30602 (Use after free in WebRTC in Google Chrome prior to 92.0.4515.159 allow ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30601 (Use after free in Extensions API in Google Chrome prior to 92.0.4515.1 ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30600 (Use after free in Printing in Google Chrome prior to 92.0.4515.159 all ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30599 (Type confusion in V8 in Google Chrome prior to 92.0.4515.159 allowed a ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30598 (Type confusion in V8 in Google Chrome prior to 92.0.4515.159 allowed a ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30597 (Use after free in Browser UI in Google Chrome on Chrome prior to 92.0. ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30596 (Incorrect security UI in Navigation in Google Chrome on Android prior ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30595
RESERVED
CVE-2021-30594 (Use after free in Page Info UI in Google Chrome prior to 92.0.4515.131 ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30593 (Out of bounds read in Tab Strip in Google Chrome prior to 92.0.4515.13 ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30592 (Out of bounds write in Tab Groups in Google Chrome prior to 92.0.4515. ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30591 (Use after free in File System API in Google Chrome prior to 92.0.4515. ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30590 (Heap buffer overflow in Bookmarks in Google Chrome prior to 92.0.4515. ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30589 (Insufficient validation of untrusted input in Sharing in Google Chrome ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30588 (Type confusion in V8 in Google Chrome prior to 92.0.4515.107 allowed a ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30587 (Inappropriate implementation in Compositing in Google Chrome prior to ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30586 (Use after free in dialog box handling in Windows in Google Chrome prio ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30585 (Use after free in sensor handling in Google Chrome on Windows prior to ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30584 (Incorrect security UI in Downloads in Google Chrome on Android prior t ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30583 (Insufficient policy enforcement in image handling in iOS in Google Chr ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30582 (Inappropriate implementation in Animation in Google Chrome prior to 92 ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30581 (Use after free in DevTools in Google Chrome prior to 92.0.4515.107 all ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30580 (Insufficient policy enforcement in Android intents in Google Chrome pr ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30579 (Use after free in UI framework in Google Chrome prior to 92.0.4515.107 ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30578 (Uninitialized use in Media in Google Chrome prior to 92.0.4515.107 all ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30577 (Insufficient policy enforcement in Installer in Google Chrome prior to ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30576 (Use after free in DevTools in Google Chrome prior to 92.0.4515.107 all ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30575 (Out of bounds write in Autofill in Google Chrome prior to 92.0.4515.10 ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30574 (Use after free in protocol handling in Google Chrome prior to 92.0.451 ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30573 (Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30572 (Use after free in Autofill in Google Chrome prior to 92.0.4515.107 all ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30571 (Insufficient policy enforcement in DevTools in Google Chrome prior to ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30570
RESERVED
CVE-2021-30569 (Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allow ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30568 (Heap buffer overflow in WebGL in Google Chrome prior to 92.0.4515.107 ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30567 (Use after free in DevTools in Google Chrome prior to 92.0.4515.107 all ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30566 (Stack buffer overflow in Printing in Google Chrome prior to 92.0.4515. ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30565 (Out of bounds write in Tab Groups in Google Chrome on Linux and Chrome ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30564 (Heap buffer overflow in WebXR in Google Chrome prior to 91.0.4472.164 ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30563 (Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30562 (Use after free in WebSerial in Google Chrome prior to 91.0.4472.164 al ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30561 (Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30560 (Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 a ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30559 (Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.164 a ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30558
RESERVED
CVE-2021-30557 (Use after free in TabGroups in Google Chrome prior to 91.0.4472.114 al ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30556 (Use after free in WebAudio in Google Chrome prior to 91.0.4472.114 all ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30555 (Use after free in Sharing in Google Chrome prior to 91.0.4472.114 allo ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30554 (Use after free in WebGL in Google Chrome prior to 91.0.4472.114 allowe ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30553 (Use after free in Network service in Google Chrome prior to 91.0.4472. ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30552 (Use after free in Extensions in Google Chrome prior to 91.0.4472.101 a ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30551 (Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30550 (Use after free in Accessibility in Google Chrome prior to 91.0.4472.10 ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30549 (Use after free in Spell check in Google Chrome prior to 91.0.4472.101 ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30548 (Use after free in Loader in Google Chrome prior to 91.0.4472.101 allow ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30547 (Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 a ...)
{DSA-4940-1 DSA-4939-1 DLA-2711-1 DLA-2709-1}
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
- firefox 90.0-1
- firefox-esr 78.12.0esr-1
@@ -46501,39 +46706,51 @@ CVE-2021-30547 (Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-30/#CVE-2021-30547
CVE-2021-30546 (Use after free in Autofill in Google Chrome prior to 91.0.4472.101 all ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30545 (Use after free in Extensions in Google Chrome prior to 91.0.4472.101 a ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30544 (Use after free in BFCache in Google Chrome prior to 91.0.4472.101 allo ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30543 (Use after free in Tab Strip in Google Chrome prior to 91.0.4472.77 all ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30542 (Use after free in Tab Strip in Google Chrome prior to 91.0.4472.77 all ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30541 (Use after free in V8 in Google Chrome prior to 91.0.4472.164 allowed a ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30540 (Incorrect security UI in payments in Google Chrome on Android prior to ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30539 (Insufficient policy enforcement in content security policy in Google C ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30538 (Insufficient policy enforcement in content security policy in Google C ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30537 (Insufficient policy enforcement in cookies in Google Chrome prior to 9 ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30536 (Out of bounds read in V8 in Google Chrome prior to 91.0.4472.77 allowe ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30535 (Double free in ICU in Google Chrome prior to 91.0.4472.77 allowed a re ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
- icu 67.1-7
[buster] - icu <not-affected> (Vulnerable code introduced later)
@@ -46545,45 +46762,59 @@ CVE-2021-30535 (Double free in ICU in Google Chrome prior to 91.0.4472.77 allowe
NOTE: Fixed by: https://github.com/unicode-org/icu/commit/2dc5bea9061b4fb05cd03e21b775dd944a0eb81d
CVE-2021-30534 (Insufficient policy enforcement in iFrameSandbox in Google Chrome prio ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30533 (Insufficient policy enforcement in PopupBlocker in Google Chrome prior ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30532 (Insufficient policy enforcement in Content Security Policy in Google C ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30531 (Insufficient policy enforcement in Content Security Policy in Google C ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30530 (Out of bounds memory access in WebAudio in Google Chrome prior to 91.0 ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30529 (Use after free in Bookmarks in Google Chrome prior to 91.0.4472.77 all ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30528 (Use after free in WebAuthentication in Google Chrome on Android prior ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30527 (Use after free in WebUI in Google Chrome prior to 91.0.4472.77 allowed ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30526 (Out of bounds write in TabStrip in Google Chrome prior to 91.0.4472.77 ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30525 (Use after free in TabGroups in Google Chrome prior to 91.0.4472.77 all ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30524 (Use after free in TabStrip in Google Chrome prior to 91.0.4472.77 allo ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30523 (Use after free in WebRTC in Google Chrome prior to 91.0.4472.77 allowe ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30522 (Use after free in WebAudio in Google Chrome prior to 91.0.4472.77 allo ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30521 (Heap buffer overflow in Autofill in Google Chrome on Android prior to ...)
- chromium 93.0.4577.82-1 (bug #990079)
+ [buster] - chromium <end-of-life> (see DSA 5046)
[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2021-30520 (Use after free in Tab Strip in Google Chrome prior to 90.0.4430.212 al ...)
{DSA-4917-1}
=====================================
data/dsa-needed.txt
=====================================
@@ -46,5 +46,7 @@ runc
trafficserver (jmm)
wait until status for CVE-2021-38161 is clarified (upstream patch got reverted)
--
+uriparser
+--
varnish (fw)
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3c26aa0026a0f4138027d7dbf4a491aa30468c4b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3c26aa0026a0f4138027d7dbf4a491aa30468c4b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220117/723c4167/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list