[Git][security-tracker-team/security-tracker][master] automatic update

Mon, 15 Mar 2021 01:10:31 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
56e62a70 by security tracker role at 2021-03-15T08:10:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2021-28382
+       RESERVED
+CVE-2021-28381
+       RESERVED
+CVE-2021-28380
+       RESERVED
+CVE-2021-28379 (web/upload/UploadHandler.php in Vesta Control Panel (aka 
VestaCP) thro ...)
+       TODO: check
+CVE-2021-28378 (Gitea 1.12.x and 1.13.x before 1.13.4 allows XSS via certain 
issue dat ...)
+       TODO: check
+CVE-2021-28377
+       RESERVED
+CVE-2021-28376
+       RESERVED
 CVE-2021-28373 (The auth_internal plugin in Tiny Tiny RSS (aka tt-rss) before 
2021-03- ...)
        - tt-rss <not-affected> (Vulnerable code introduced later)
        NOTE: 
https://community.tt-rss.org/t/check-password-not-called-if-otp-is-enabled-update-asap-if-youre-using-2fa/4502
@@ -601,7 +615,7 @@ CVE-2021-28110
        RESERVED
 CVE-2021-28109
        RESERVED
-CVE-2021-28374 [world-readable user data information]
+CVE-2021-28374 (The Debian courier-authlib package before 0.71.1-2 for Courier 
Authent ...)
        - courier-authlib 0.71.1-2 (bug #984810)
        NOTE: Re-introduction of #378571 while migrating from 
debian/permissions to
        NOTE: debian/courier-authdaemon.tmpfiles in 0.66.4-2.
@@ -150427,7 +150441,7 @@ CVE-2019-2310 (Out of bound read would occur while 
trying to read action categor
        NOT-FOR-US: Qualcomm components for Android
 CVE-2019-2309 (While storing calibrated data from firmware in cache, An 
integer overf ...)
        NOT-FOR-US: Snapdragon
-CVE-2021-28375
+CVE-2021-28375 (An issue was discovered in the Linux kernel through 5.11.6. 
fastrpc_in ...)
        - linux <unfixed>
        [buster] - linux <not-affected> (Vulnerable code introduced later)
        [stretch] - linux <not-affected> (Vulnerable code introduced later)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/56e62a70695d59f5f5902b9125ec991626099f67

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/56e62a70695d59f5f5902b9125ec991626099f67
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to