Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 05c229fb by Salvatore Bonaccorso at 2021-02-25T21:52:30+01:00 Move kibana entry to CVE-2020-26296 Upstream advisory https://discuss.elastic.co/t/elastic-stack-7-11-0-and-6-8-14-security-update/263915 references CVE-2020-26296 and CVE-2021-26296 seems to be for Apache MyFaces as per https://www.openwall.com/lists/oss-security/2021/02/18/5 .. - - - - - 6cc6e071 by Salvatore Bonaccorso at 2021-02-25T21:54:11+01:00 Mark CVE-2021-26296 as NFU - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -3281,8 +3281,7 @@ CVE-2021-26298 CVE-2021-26297 RESERVED CVE-2021-26296 (In the default configuration, Apache MyFaces Core versions 2.2.0 to 2. ...) - - kibana <itp> (bug #700337) - NOTE: https://discuss.elastic.co/t/elastic-stack-7-11-0-and-6-8-14-security-update/263915 + NOT-FOR-US: Apache MyFaces CVE-2021-26295 RESERVED CVE-2021-3333 (Opmantek Open-AudIT 4.0.1 is affected by cross-site scripting (XSS). W ...) @@ -32718,7 +32717,8 @@ CVE-2020-26298 (Redcarpet is a Ruby library for Markdown processing. In Redcarpe CVE-2020-26297 (mdBook is a utility to create modern online books from Markdown files ...) NOT-FOR-US: mdBook CVE-2020-26296 (Vega is a visualization grammar, a declarative format for creating, sa ...) - NOT-FOR-US: Node vega + - kibana <itp> (bug #700337) + NOTE: https://discuss.elastic.co/t/elastic-stack-7-11-0-and-6-8-14-security-update/263915 CVE-2020-26295 (OpenMage is a community-driven alternative to Magento CE. In OpenMage ...) NOT-FOR-US: OpenMage CVE-2020-26294 (Vela is a Pipeline Automation (CI/CD) framework built on Linux contain ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1b2113edf78f3d7f90e38698ff7086e150c19790...6cc6e0712edc8f4365e1c045409a877bb1daa1dd -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/1b2113edf78f3d7f90e38698ff7086e150c19790...6cc6e0712edc8f4365e1c045409a877bb1daa1dd You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
