Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f0655c3f by Salvatore Bonaccorso at 2021-04-22T11:07:55+02:00
Add Debian bug reference for ruby-sidekiq
- - - - -
f584c9c4 by Salvatore Bonaccorso at 2021-04-22T11:08:16+02:00
Add Debian bug reference for CVE-2020-25864/consul
- - - - -
bccca9b2 by Salvatore Bonaccorso at 2021-04-22T11:08:32+02:00
Add Debian bug references for google-compute-image-packages issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3027,7 +3027,7 @@ CVE-2021-30152 (An issue was discovered in MediaWiki
before 1.31.13 and 1.32.x t
NOTE: https://phabricator.wikimedia.org/T270713
NOTE:
https://lists.wikimedia.org/pipermail/wikitech-l/2021-April/094418.html
CVE-2021-30151 (Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the
queue n ...)
- - ruby-sidekiq <unfixed>
+ - ruby-sidekiq <unfixed> (bug #987354)
[stretch] - ruby-sidekiq <no-dsa> (Minor issue)
NOTE: https://github.com/mperham/sidekiq/issues/4852
NOTE:
https://github.com/mperham/sidekiq/commit/64f70339d1dcf50a55c00d36bfdb61d97ec63ed8
@@ -43311,7 +43311,7 @@ CVE-2020-25866 (In Wireshark 3.2.0 to 3.2.6 and 3.0.0
to 3.0.13, the BLIP protoc
CVE-2020-25865
RESERVED
CVE-2020-25864 (HashiCorp Consul and Consul Enterprise up to version 1.9.4
key-value ( ...)
- - consul <unfixed>
+ - consul <unfixed> (bug #987351)
[buster] - consul <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1950275
NOTE: https://github.com/hashicorp/consul/pull/10023
@@ -84410,7 +84410,7 @@ CVE-2020-8935 (An arbitrary memory overwrite
vulnerability in Asylo versions up
CVE-2020-8934
RESERVED
CVE-2020-8933 (A vulnerability in Google Cloud Platform's guest-oslogin
versions betw ...)
- - google-compute-image-packages <unfixed>
+ - google-compute-image-packages <unfixed> (bug #987353)
NOTE: https://cloud.google.com/compute/docs/security-bulletins#2020619
NOTE: https://github.com/GoogleCloudPlatform/guest-oslogin/pull/29
CVE-2020-8932
@@ -84466,7 +84466,7 @@ CVE-2020-8909
CVE-2020-8908 (A temp directory creation vulnerability exists in all versions
of Guav ...)
NOT-FOR-US: Google Guava
CVE-2020-8907 (A vulnerability in Google Cloud Platform's guest-oslogin
versions betw ...)
- - google-compute-image-packages <unfixed>
+ - google-compute-image-packages <unfixed> (bug #987353)
NOTE: https://cloud.google.com/compute/docs/security-bulletins#2020619
NOTE: https://github.com/GoogleCloudPlatform/guest-oslogin/pull/29
CVE-2020-8906
@@ -84476,7 +84476,7 @@ CVE-2020-8905 (A buffer length validation vulnerability
in Asylo versions prior
CVE-2020-8904 (An arbitrary memory overwrite vulnerability in the trusted
memory of A ...)
NOT-FOR-US: Asylo
CVE-2020-8903 (A vulnerability in Google Cloud Platform's guest-oslogin
versions betw ...)
- - google-compute-image-packages <unfixed>
+ - google-compute-image-packages <unfixed> (bug #987353)
NOTE: https://cloud.google.com/compute/docs/security-bulletins#2020619
NOTE: https://github.com/GoogleCloudPlatform/guest-oslogin/pull/29
CVE-2020-8902 (Rendertron versions prior to 3.0.0 are are susceptible to a
Server-Sid ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/caccc6243e3cac19fa92cb47acd61225f79cb214...bccca9b242dbfe4e4e291010ca635e451f7ff682
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/caccc6243e3cac19fa92cb47acd61225f79cb214...bccca9b242dbfe4e4e291010ca635e451f7ff682
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
