Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3b1e6779 by security tracker role at 2021-04-18T20:10:28+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9906,6 +9906,7 @@ CVE-2021-3406 (A flaw was found in keylime 5.8.1 and
older. The issue in the Key
NOT-FOR-US: Keylime
NOTE:
https://github.com/keylime/keylime/security/advisories/GHSA-78f8-6c68-375m
CVE-2021-3405 (A flaw was found in libebml before 1.4.2. A heap overflow bug
exists i ...)
+ {DLA-2629-1}
- libebml 1.4.2-1 (bug #982597)
[buster] - libebml <no-dsa> (Minor issue)
NOTE: https://github.com/Matroska-Org/libebml/issues/74
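Review bot: In the CVE-2021-3405 entry, the buster line still reads `[buster] - libebml <no-dsa> (Minor issue)` while the added `{DLA-2629-1}` shows that the same libebml heap overflow was judged worth an LTS advisory. The buster triage should be revisited so the two assessments do not contradict each other, for example by recording whether a fix is planned for buster or why the issue stays minor there.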
@@ -17249,7 +17250,7 @@ CVE-2021-23981 (A texture upload of a Pixel Buffer
Object could have confused th
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2021-12/#CVE-2021-23981
CVE-2021-23980 [mutation XSS via allowed math or svg; p or br; and style,
title, noscript, script, textarea, noframes, iframe, or xmp tags with
strip_comments=False]
RESERVED
- {DLA-2620-1}
+ {DSA-4892-1 DLA-2620-1}
- python-bleach 3.2.1-2.1 (bug #986251)
NOTE:
https://github.com/mozilla/bleach/security/advisories/GHSA-vv2x-vrpj-qqpq
NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1689399
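Review bot: On the `{DSA-4892-1 DLA-2620-1}` line for CVE-2021-23980, the only fixed version visible in this entry is the unstable one, `- python-bleach 3.2.1-2.1 (bug #986251)`, so the fixed versions for the suites covered by the DSA and the DLA have to come from the advisory records themselves. Confirm those records carry them. The entry is also still marked `RESERVED` and relies on the bracketed hand-written description, which is worth re-checking against the published text once one is imported.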
@@ -18609,22 +18610,22 @@ CVE-2021-23383
RESERVED
CVE-2021-23382
RESERVED
-CVE-2021-23381
- RESERVED
-CVE-2021-23380
- RESERVED
-CVE-2021-23379
- RESERVED
-CVE-2021-23378
- RESERVED
-CVE-2021-23377
- RESERVED
-CVE-2021-23376
- RESERVED
-CVE-2021-23375
- RESERVED
-CVE-2021-23374
- RESERVED
+CVE-2021-23381 (This affects all versions of package killing. If
attacker-controlled u ...)
+ TODO: check
+CVE-2021-23380 (This affects all versions of package roar-pidusage. If
attacker-contro ...)
+ TODO: check
+CVE-2021-23379 (This affects all versions of package portkiller. If
(attacker-controll ...)
+ TODO: check
+CVE-2021-23378 (This affects all versions of package picotts. If
attacker-controlled u ...)
+ TODO: check
+CVE-2021-23377 (This affects all versions of package onion-oled-js. If
attacker-contro ...)
+ TODO: check
+CVE-2021-23376 (This affects all versions of package ffmpegdotjs. If
attacker-controll ...)
+ TODO: check
+CVE-2021-23375 (This affects all versions of package psnode. If
attacker-controlled us ...)
+ TODO: check
+CVE-2021-23374 (This affects all versions of package ps-visitor. If
attacker-controlle ...)
+ TODO: check
CVE-2021-23373
RESERVED
CVE-2021-23372 (All versions of package mongo-express are vulnerable to Denial
of Serv ...)
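Review bot: All eight entries from CVE-2021-23381 down to CVE-2021-23374 leave this hunk with nothing but `TODO: check`, so none of them has a package assignment or a disposition yet. Each named package (killing, roar-pidusage, portkiller, picotts, onion-oled-js, ffmpegdotjs, psnode, ps-visitor) should be checked against the archive and then either given a package line or marked in the same form as the `NOT-FOR-US: Keylime` line earlier in this diff. The names should be matched exactly rather than by similarity, since the truncated descriptions shown here are not enough to identify the affected code.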
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b1e67798c0198a473fc41d7ce71b46b03331f93
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits