[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2021-30146: Update entry to NFU

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jun 9 12:39:05 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7a9d5a6e by schlarbm at 2022-06-09T10:27:07+02:00
CVE-2021-30146: Update entry to NFU

The issue only affects the seahub web interface component of the seafile
server parts. But there isn't even an ITP/RFP for that.

What's currently packaged are only the client parts and those are not
affected.

- - - - -
68fd0bce by Salvatore Bonaccorso at 2022-06-09T11:38:54+00:00
Merge branch 'cve-2021-30146' into 'master'

CVE-2021-30146: Update entry to NFU

See merge request security-tracker-team/security-tracker!107
- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -77755,9 +77755,7 @@ CVE-2021-30148
 CVE-2021-30147 (DMA Softlab Radius Manager 4.4.0 allows CSRF with impacts such as addi ...)
 	NOT-FOR-US: DMA Softlab Radius Manager
 CVE-2021-30146 (Seafile 7.0.5 (2019) allows Persistent XSS via the "share of library f ...)
-	- seafile-client <unfixed> (bug #987282)
-	[bullseye] - seafile-client <no-dsa> (Minor issue)
-	[buster] - seafile-client <no-dsa> (Minor issue)
+	NOT-FOR-US: seahub
 	NOTE: https://github.com/Security-AVS/CVE-2021-30146
 CVE-2021-30145 (A format string vulnerability in mpv through 0.33.0 allows user-assist ...)
 	- mpv 0.32.0-3 (bug #986839)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/46ff761970cd9b23d36bc8c2f5ee68c49c454f0c...68fd0bce3f208b8c3d599835acd90d96bdde8dae

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/46ff761970cd9b23d36bc8c2f5ee68c49c454f0c...68fd0bce3f208b8c3d599835acd90d96bdde8dae
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220609/2f3f720f/attachment.htm>

More information about the debian-security-tracker-commits mailing list