Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
06b8e699 by security tracker role at 2021-01-18T08:10:22+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,55 @@
+CVE-2021-3173
+ RESERVED
+CVE-2021-3172
+ RESERVED
+CVE-2021-3171
+ RESERVED
+CVE-2021-3170
+ RESERVED
+CVE-2021-3169
+ RESERVED
+CVE-2021-3168
+ RESERVED
+CVE-2021-3167
+ RESERVED
+CVE-2021-3166 (An issue was discovered on ASUS DSL-N14U-B1 1.1.2.3_805
devices. An at ...)
+ TODO: check
+CVE-2021-3165
+ RESERVED
+CVE-2021-3164
+ RESERVED
+CVE-2021-3163
+ RESERVED
+CVE-2021-25301
+ RESERVED
+CVE-2021-25300
+ RESERVED
+CVE-2021-25299
+ RESERVED
+CVE-2021-25298
+ RESERVED
+CVE-2021-25297
+ RESERVED
+CVE-2021-25296
+ RESERVED
+CVE-2021-25295 (OpenCATS through 0.9.5-3 has multiple Cross-site Scripting
(XSS) issue ...)
+ TODO: check
+CVE-2021-25294 (OpenCATS through 0.9.5-3 unsafely deserializes
index.php?m=activity re ...)
+ TODO: check
+CVE-2021-25293
+ RESERVED
+CVE-2021-25292
+ RESERVED
+CVE-2021-25291
+ RESERVED
+CVE-2021-25290
+ RESERVED
+CVE-2021-25289
+ RESERVED
+CVE-2021-25288
+ RESERVED
+CVE-2021-25287
+ RESERVED
CVE-2021-XXXX [gstreamer: stack buffer overflow in
gst_h264_slice_parse_dec_ref_pic_marking]
- gst-plugins-bad1.0 1.18.1-1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1917192
@@ -15628,8 +15680,8 @@ CVE-2020-29448
RESERVED
CVE-2020-29447 (Affected versions of Atlassian Crucible allow remote attackers
to impa ...)
NOT-FOR-US: Atlassian
-CVE-2020-29446
- RESERVED
+CVE-2020-29446 (Affected versions of Atlassian Fisheye & Crucible allow
remote att ...)
+ TODO: check
CVE-2020-29445
RESERVED
CVE-2020-29444
@@ -48249,8 +48301,8 @@ CVE-2020-15866 (mruby through 2.1.2-rc has a heap-based
buffer overflow in the m
NOTE:
https://github.com/mruby/mruby/commit/63956036e116ef6a33a91e16348c4d1a09f6f72c
(2.1.2-rc2)
CVE-2020-15865 (A Remote Code Execution vulnerability in Stimulsoft (aka
Stimulsoft Re ...)
NOT-FOR-US: Stimulsoft
-CVE-2020-15864
- RESERVED
+CVE-2020-15864 (An issue was discovered in Quali CloudShell 9.3. An XSS
vulnerability ...)
+ TODO: check
CVE-2020-15863 (hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before
07-20-2 ...)
{DSA-4760-1 DLA-2288-1}
- qemu 1:5.0-12
@@ -114123,7 +114175,7 @@ CVE-2019-11841 (A message-forgery issue was
discovered in crypto/openpgp/clearsi
NOTE:
https://packetstormsecurity.com/files/152840/Go-Cryptography-Libraries-Cleartext-Message-Spoofing.html
NOTE: Upstream feels that this is not a security issue. See
https://github.com/golang/go/issues/41200.
CVE-2019-11840 (An issue was discovered in supplementary Go cryptography
libraries, ak ...)
- {DLA-2454-1 DLA-2442-1 DLA-2402-1 DLA-1840-1}
+ {DLA-2527-1 DLA-2454-1 DLA-2442-1 DLA-2402-1 DLA-1840-1}
- golang-go.crypto 1:0.0~git20200221.2aa609c-1
NOTE: https://github.com/golang/go/issues/30965
NOTE:
https://go.googlesource.com/crypto/+/b7391e95e576cacdcdd422573063bc057239113d
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06b8e6996a1411794541835abfaa6c61c3dc8e0b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06b8e6996a1411794541835abfaa6c61c3dc8e0b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
