[Git][security-tracker-team/security-tracker][master] new rust-rand-code issue

Thu, 18 Feb 2021 08:36:10 -0800 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2ef8cd66 by Moritz Muehlenhoff at 2021-02-18T17:35:32+01:00
new rust-rand-code issue
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,12 @@
 CVE-2021-27378 (An issue was discovered in the rand_core crate before 0.6.2 
for Rust.  ...)
-       TODO: check
+       - rust-rand-core <unfixed>
+       NOTE: https://rustsec.org/advisories/RUSTSEC-2021-0023.html
 CVE-2021-27377 (An issue was discovered in the yottadb crate before 1.2.0 for 
Rust. Fo ...)
-       TODO: check
+       NOT-FOR-US: Rust crate yottadb
 CVE-2021-27376 (An issue was discovered in the nb-connect crate before 1.0.3 
for Rust. ...)
-       TODO: check
+       NOT-FOR-US: Rust crate nb-connect
 CVE-2021-27375 (Traefik 2.4.3 allows the loading of IFRAME elements from other 
domains ...)
-       TODO: check
+       NOT-FOR-US: Traefik
 CVE-2021-27374 (VertiGIS WebOffice 10.7 SP1 before patch20210202 and 10.8 SP1 
before p ...)
        NOT-FOR-US: VertiGIS WebOffice
 CVE-2021-27373
@@ -21,7 +22,7 @@ CVE-2021-27369
 CVE-2021-27368
        RESERVED
 CVE-2021-27367 (Controller/Backend/FileEditController.php and 
Controller/Backend/Filem ...)
-       TODO: check
+       NOT-FOR-US: Bolt CMS
 CVE-2021-27366
        RESERVED
 CVE-2021-27365
@@ -31,7 +32,7 @@ CVE-2021-27364
 CVE-2021-27363
        RESERVED
 CVE-2020-36245 (GramAddict through 1.2.3 allows remote attackers to execute 
arbitrary  ...)
-       TODO: check
+       NOT-FOR-US: GramAddict
 CVE-2021-27362 (The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a Read 
Access Vio ...)
        NOT-FOR-US: WPG plugin for IrfanView
 CVE-2021-27361



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ef8cd661e1a045d3989ba541d70b693974221e9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ef8cd661e1a045d3989ba541d70b693974221e9
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to