[Git][security-tracker-team/security-tracker][master] automatic update

Sat, 24 Apr 2021 13:10:44 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5ada5739 by security tracker role at 2021-04-24T20:10:24+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,11 @@
+CVE-2021-31795 (The PowerVR GPU kernel driver in pvrsrvkm.ko through 
2021-04-24 for th ...)
+       TODO: check
+CVE-2021-31794
+       RESERVED
+CVE-2021-31793
+       RESERVED
+CVE-2021-31792
+       RESERVED
 CVE-2021-31791 (In Hardware Sentry KM before 10.0.01 for BMC PATROL, a 
cleartext passw ...)
        NOT-FOR-US: Sentry KM
 CVE-2021-31790
@@ -393,8 +401,8 @@ CVE-2021-31600
        RESERVED
 CVE-2021-31599
        RESERVED
-CVE-2021-31598
-       RESERVED
+CVE-2021-31598 (An issue was discovered in libezxml.a in ezXML 0.8.6. The 
function ezx ...)
+       TODO: check
 CVE-2021-31597 (The xmlhttprequest-ssl package before 1.6.1 for Node.js 
disables SSL c ...)
        - node-xmlhttprequest-ssl <unfixed>
        [buster] - node-xmlhttprequest-ssl <ignored> (Minor issue, should 
possibly be removed from stable as well)
@@ -2418,6 +2426,7 @@ CVE-2021-XXXX [stack corruption when handling files with 
more than 64 audio chan
        NOTE: 
https://gitlab.freedesktop.org/gstreamer/gst-libav/-/commit/a339f8f9641382b92b43e6d146bdc5d87a9704f8
 (1.18.4)
        NOTE: https://gitlab.freedesktop.org/gstreamer/gst-libav/-/issues/92
 CVE-2021-3498 (GStreamer before 1.18.4 might cause heap corruption when 
parsing certa ...)
+       {DSA-4900-1}
        [experimental] - gst-plugins-good1.0 1.18.4-1
        - gst-plugins-good1.0 1.18.4-2 (bug #986911)
        [stretch] - gst-plugins-good1.0 <not-affected> (Vulnerable code 
introduced later)
@@ -2425,6 +2434,7 @@ CVE-2021-3498 (GStreamer before 1.18.4 might cause heap 
corruption when parsing
        NOTE: 
https://gitlab.freedesktop.org/gstreamer/gst-plugins-good/-/commit/02174790726dd20a5c73ce2002189bf240ad4fe0
        NOTE: Introduced by: 
https://gitlab.freedesktop.org/gstreamer/gst-plugins-good/-/commit/f279bc5336dda19741a5996a108da42dd3201366
 CVE-2021-3497 (GStreamer before 1.18.4 might access already-freed memory in 
error cod ...)
+       {DSA-4900-1}
        [experimental] - gst-plugins-good1.0 1.18.4-1
        - gst-plugins-good1.0 1.18.4-2 (bug #986910)
        NOTE: https://gstreamer.freedesktop.org/security/sa-2021-0002.html



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ada57394d250de191d40bac6c6189266f81b3f7

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ada57394d250de191d40bac6c6189266f81b3f7
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to