Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: f72b19e1 by Moritz Muehlenhoff at 2021-04-18T12:54:08+02:00 nextcloud-desktop no-dsa - - - - - c3c0a876 by Moritz Muehlenhoff at 2021-04-18T12:57:16+02:00 new xscreensaver issue - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,8 @@ +CVE-2021-XXXX [xscreensaver allows starting external programs with cap_net_raw] + - xscreensaver <unfixed> + [buster] - xscreensaver <no-dsa> (Minor issue) + NOTE: Fixed upstream in 6.0.0 (no public version control) + NOTE: https://www.openwall.com/lists/oss-security/2021/04/17/1 CVE-2021-3505 RESERVED - libtpms 0.8.0~dev1-1 @@ -19649,6 +19654,7 @@ CVE-2021-22880 (The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, NOTE: https://github.com/rails/rails/commit/879d02107b5b3eb7aeaad1cd1f259bb41f17286b (v6.0.3.5) CVE-2021-22879 (Nextcloud Desktop Client prior to 3.1.3 is vulnerable to resource inje ...) - nextcloud-desktop <unfixed> + [buster] - nextcloud-desktop <no-dsa> (Minor issue) NOTE: https://nextcloud.com/security/advisory/?id=NC-SA-2021-008 NOTE: https://github.com/nextcloud/desktop/pull/2906 CVE-2021-22878 (Nextcloud Server prior to 20.0.6 is vulnerable to reflected cross-site ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6daa5d989664b04223c99930123f0834ee00ead8...c3c0a8765216b1910a1289519b341df41fd53b7f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6daa5d989664b04223c99930123f0834ee00ead8...c3c0a8765216b1910a1289519b341df41fd53b7f You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
