[Git][security-tracker-team/security-tracker][master] bugnums

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1780cc4c by Moritz Muehlenhoff at 2022-07-11T20:39:36+02:00
bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -30237,7 +30237,7 @@ CVE-2022-24760 (Parse Server is an open source http web server backend. In versi
 CVE-2022-24759 (`@chainsafe/libp2p-noise` contains TypeScript implementation of noise  ...)
 	NOT-FOR-US: chainsafe/libp2p-noise
 CVE-2022-24758 (The Jupyter notebook is a web-based notebook environment for interacti ...)
-	- jupyter-notebook <unfixed>
+	- jupyter-notebook <unfixed> (bug #1014771)
 	[bullseye] - jupyter-notebook <no-dsa> (Minor issue)
 	[buster] - jupyter-notebook <no-dsa> (Minor issue)
 	NOTE: https://github.com/jupyter/notebook/security/advisories/GHSA-m87f-39q9-6f55
@@ -33212,7 +33212,7 @@ CVE-2021-4214
 	NOTE: Crash in CLI package, not shipped in binary packages
 CVE-2021-4213
 	RESERVED
-	- jss <unfixed>
+	- jss <unfixed> (bug #1014770)
 	[bullseye] - jss <no-dsa> (Minor issue)
 	[buster] - jss <no-dsa> (Minor issue)
 	[stretch] - jss <postponed> (revisit when/if fix is complete)
@@ -67765,14 +67765,14 @@ CVE-2021-37139
 CVE-2021-37138
 	RESERVED
 CVE-2021-37137 (The Snappy frame decoder function doesn't restrict the chunk length wh ...)
-	- netty <unfixed>
+	- netty <unfixed> (bug #1014769)
 	[bullseye] - netty <no-dsa> (Minor issue)
 	[buster] - netty <no-dsa> (Minor issue)
 	[stretch] - netty <no-dsa> (Minor issue)
 	NOTE: https://github.com/netty/netty/security/advisories/GHSA-9vjp-v76f-g363
 	NOTE: Fixed by: https://github.com/netty/netty/commit/6da4956b31023ae967451e1d94ff51a746a9194f (netty-4.1.68.Final)
 CVE-2021-37136 (The Bzip2 decompression decoder function doesn't allow setting size re ...)
-	- netty <unfixed>
+	- netty <unfixed> (bug #1014769)
 	[bullseye] - netty <no-dsa> (Minor issue)
 	[buster] - netty <no-dsa> (Minor issue)
 	[stretch] - netty <no-dsa> (Minor issue)
@@ -93278,7 +93278,7 @@ CVE-2021-27027 (An Out-Of-Bounds Read Vulnerability in Autodesk FBX Review versi
 CVE-2021-27026 (A flaw was divered in Puppet Enterprise and other Puppet products wher ...)
 	NOT-FOR-US: Puppet Enterprise
 CVE-2021-27025 (A flaw was discovered in Puppet Agent where the agent may silently ign ...)
-	- puppet <unfixed>
+	- puppet <unfixed> (bug #1014772)
 	[bullseye] - puppet <ignored> (Minor issue, too intrusive to backport)
 	[buster] - puppet <ignored> (Minor issue, too intrusive to backport)
 	[stretch] - puppet <ignored> (Minor issue, too intrusive to backport)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1780cc4c8cdff45f3736b49b901620c67515f4ae

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1780cc4c8cdff45f3736b49b901620c67515f4ae
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220711/b2bc1e7b/attachment.htm>