Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
607398d7 by Salvatore Bonaccorso at 2021-02-27T11:45:49+01:00
Add CVE-2021-2127{3,4}/matrix-synapse
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15779,9 +15779,13 @@ CVE-2021-21276 (Polr is an open source URL shortener.
in Polr before version 2.3
CVE-2021-21275 (The MediaWiki "Report" extension has a Cross-Site Request
Forgery (CSR ...)
NOT-FOR-US: MediaWiki Report extention
CVE-2021-21274 (Synapse is a Matrix reference homeserver written in python
(pypi packa ...)
- TODO: check
+ - matrix-synapse 1.25.0-1
+ NOTE:
https://github.com/matrix-org/synapse/security/advisories/GHSA-2hwx-mjrm-v3g8
+ NOTE:
https://github.com/matrix-org/synapse/commit/ff5c4da1289cb5e097902b3e55b771be342c29d6
CVE-2021-21273 (Synapse is a Matrix reference homeserver written in python
(pypi packa ...)
- TODO: check
+ - matrix-synapse 1.25.0-1
+ NOTE:
https://github.com/matrix-org/synapse/security/advisories/GHSA-v936-j8gp-9q3p
+ NOTE:
https://github.com/matrix-org/synapse/commit/30fba6210834a4ecd91badf0c8f3eb278b72e746
CVE-2021-21272 (ORAS is open source software which enables a way to push OCI
Artifacts ...)
NOT-FOR-US: ORAS
CVE-2021-21271 (Tendermint Core is an open source Byzantine Fault Tolerant
(BFT) middl ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/607398d7772b267cfab0eb96fac8ea6bed4f4e4b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/607398d7772b267cfab0eb96fac8ea6bed4f4e4b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
