[Git][security-tracker-team/security-tracker][master] Reassociate some older NFUs for MinIO to minio, itp'ed

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Feb 2 20:07:06 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a6133d75 by Salvatore Bonaccorso at 2024-02-02T21:06:25+01:00
Reassociate some older NFUs for MinIO to minio, itp'ed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -108440,7 +108440,7 @@ CVE-2022-35921 (fof/byobu is a private discussions extension for Flarum forum. A
 CVE-2022-35920 (Sanic is an opensource python web server/framework. Affected versions  ...)
 	NOT-FOR-US: Sanic
 CVE-2022-35919 (MinIO is a High Performance Object Storage released under GNU Affero G ...)
-	NOT-FOR-US: MinIO
+	- minio <itp> (bug #859207)
 CVE-2022-35918 (Streamlit is a data oriented application development framework for pyt ...)
 	NOT-FOR-US: Streamlit
 CVE-2022-35917 (Solana Pay is a protocol and set of reference implementations that ena ...)
@@ -122087,7 +122087,7 @@ CVE-2022-31030 (containerd is an open source container runtime. A bug was found
 CVE-2022-31029 (AdminLTE is a Pi-hole Dashboard for stats and configuration. In affect ...)
 	NOT-FOR-US: AdminLTE
 CVE-2022-31028 (MinIO is a multi-cloud object storage solution. Starting with version  ...)
-	NOT-FOR-US: MinIO
+	- minio <itp> (bug #859207)
 CVE-2022-31027 (OAuthenticator is an OAuth token library for the JupyerHub login handl ...)
 	NOT-FOR-US: OAuthenticator
 CVE-2022-31026 (Trilogy is a client library for MySQL. When authenticating, a maliciou ...)
@@ -140488,7 +140488,7 @@ CVE-2022-24844 (Gin-vue-admin is a backstage management system based on vue and
 CVE-2022-24843 (Gin-vue-admin is a backstage management system based on vue and gin, w ...)
 	NOT-FOR-US: Gin-vue-admin
 CVE-2022-24842 (MinIO is a High Performance Object Storage released under GNU Affero G ...)
-	NOT-FOR-US: MinIO
+	- minio <itp> (bug #859207)
 CVE-2022-24841 (fleetdm/fleet is an open source device management, built on osquery. A ...)
 	NOT-FOR-US: Fleet
 CVE-2022-24840 (django-s3file is a lightweight file upload input for Django and Amazon ...)
@@ -158199,7 +158199,7 @@ CVE-2021-43859 (XStream is an open source java library to serialize objects to X
 	NOTE: https://x-stream.github.io/CVE-2021-43859.html
 	NOTE: https://github.com/x-stream/xstream/commit/e8e88621ba1c85ac3b8620337dd672e0c0c3a846
 CVE-2021-43858 (MinIO is a Kubernetes native application for cloud storage. Prior to v ...)
-	NOT-FOR-US: MinIO
+	- minio <itp> (bug #859207)
 CVE-2021-43857 (Gerapy is a distributed crawler management framework. Gerapy prior to  ...)
 	NOT-FOR-US: Gerapy
 CVE-2021-43856 (Wiki.js is a wiki app built on Node.js. Wiki.js 2.5.263 and earlier is ...)
@@ -219950,7 +219950,7 @@ CVE-2021-21392 (Synapse is a Matrix reference homeserver written in python (pypi
 CVE-2021-21391 (CKEditor 5 provides a WYSIWYG editing solution. This CVE affects the f ...)
 	NOT-FOR-US: ckeditor5-{engine,font,image,list,markdown-gfm,media-embed,paste-from-office,widget} CKEditor 5 packages
 CVE-2021-21390 (MinIO is an open-source high performance object storage service and it ...)
-	NOT-FOR-US: MinIO
+	- minio <itp> (bug #859207)
 CVE-2021-21389 (BuddyPress is an open source WordPress plugin to build a community sit ...)
 	NOT-FOR-US: BuddyPress WordPress plugin
 CVE-2021-21388 (systeminformation is an open source system and OS information library  ...)
@@ -220024,7 +220024,7 @@ CVE-2021-21364 (swagger-codegen is an open-source project which contains a templ
 CVE-2021-21363 (swagger-codegen is an open-source project which contains a template-dr ...)
 	- swagger-codegen <itp> (bug #950318)
 CVE-2021-21362 (MinIO is an open-source high performance object storage service and it ...)
-	NOT-FOR-US: MinIO
+	- minio <itp> (bug #859207)
 CVE-2021-21361 (The `com.bmuschko:gradle-vagrant-plugin` Gradle plugin contains an inf ...)
 	NOT-FOR-US: gradle-vagrant-plugin
 CVE-2021-21360 (Products.GenericSetup is a mini-framework for expressing the configure ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a6133d75f5709b0be349a1c975603332594fe440

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a6133d75f5709b0be349a1c975603332594fe440
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240202/e74a27c6/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list