[Git][security-tracker-team/security-tracker][master] new golang-github-containers-image issue

Tue, 06 Apr 2021 23:41:25 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
90a6a3a7 by Moritz Muehlenhoff at 2021-04-07T08:40:52+02:00
new golang-github-containers-image issue
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2649,8 +2649,10 @@ CVE-2021-28976
        RESERVED
 CVE-2021-3457
        RESERVED
+       - foreman <itp> (bug #663101)
 CVE-2021-3456
        RESERVED
+       - foreman <itp> (bug #663101)
 CVE-2021-28975
        RESERVED
 CVE-2021-28974
@@ -23774,6 +23776,7 @@ CVE-2021-20307 (Format string vulnerability in 
panoFileOutputNamesCreate() in li
        NOTE: 
https://sourceforge.net/projects/panotools/files/libpano13/libpano13-2.9.20/
 CVE-2021-20306
        RESERVED
+       NOT-FOR-US: Red Hat Business Central
 CVE-2021-20305 (A flaw was found in Nettle in versions before 3.7.2, where 
several Net ...)
        - nettle 3.7.2-1 (bug #985652)
        [buster] - nettle <no-dsa> (Minor issue)
@@ -23840,9 +23843,12 @@ CVE-2021-20292 [RM Memory Management Double Free 
Privilege Escalation Vulnerabil
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1939686
        NOTE: 
https://git.kernel.org/linus/5de5b6ecf97a021f29403aa272cb4e03318ef586
 CVE-2021-20291 (A deadlock vulnerability was found in 
'github.com/containers/storage'  ...)
-       TODO: check
+       - golang-github-containers-image <unfixed>
+       NOTE: 
https://github.com/containers/storage/commit/306fcabc964470e4b3b87a43a8f6b7d698209ee1
+       TODO: check golang-github-containers-buildah, docker.io, 
golang-github-containers-storage
 CVE-2021-20290
        RESERVED
+       - foreman <itp> (bug #663101)
 CVE-2021-20289 (A flaw was found in RESTEasy in all versions of RESTEasy up to 
4.6.0.F ...)
        NOT-FOR-US: Keycloak
 CVE-2021-20288



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90a6a3a7e687dd74945604de34fe8c937089a16e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90a6a3a7e687dd74945604de34fe8c937089a16e
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to