[Git][security-tracker-team/security-tracker][master] bullseye triage

Moritz Muehlenhoff Thu, 06 May 2021 13:50:12 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
052ad0d3 by Moritz Muehlenhoff at 2021-05-06T22:49:42+02:00
bullseye triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3746,24 +3746,28 @@ CVE-2021-30473 (aom_image.c in libaom in AOMedia before 
2021-04-07 frees memory
 CVE-2021-30472
        RESERVED
        - libpodofo <unfixed> (bug #986794)
+       [bullseye] - libpodofo <no-dsa> (Minor issue)
        [buster] - libpodofo <no-dsa> (Minor issue)
        [stretch] - libpodofo <postponed> (Minor issue; can be fixed in next 
update)
        NOTE: https://sourceforge.net/p/podofo/tickets/132/
 CVE-2021-30471
        RESERVED
        - libpodofo <unfixed> (bug #986793)
+       [bullseye] - libpodofo <no-dsa> (Minor issue)
        [buster] - libpodofo <no-dsa> (Minor issue)
        [stretch] - libpodofo <postponed> (Minor issue; can be fixed in next 
update)
        NOTE: https://sourceforge.net/p/podofo/tickets/131/
 CVE-2021-30470
        RESERVED
        - libpodofo <unfixed> (bug #986792)
+       [bullseye] - libpodofo <no-dsa> (Minor issue)
        [buster] - libpodofo <no-dsa> (Minor issue)
        [stretch] - libpodofo <postponed> (Minor issue; can be fixed in next 
update)
        NOTE: https://sourceforge.net/p/podofo/tickets/130/
 CVE-2021-30469
        RESERVED
        - libpodofo <unfixed> (bug #986791)
+       [bullseye] - libpodofo <no-dsa> (Minor issue)
        [buster] - libpodofo <no-dsa> (Minor issue)
        [stretch] - libpodofo <postponed> (Minor issue; can be fixed in next 
update)
        NOTE: https://sourceforge.net/p/podofo/tickets/129/
@@ -4348,6 +4352,7 @@ CVE-2021-30185 (CERN Indico before 2.3.4 can use an 
attacker-supplied Host heade
        NOT-FOR-US: CERN Indico
 CVE-2021-30184 (GNU Chess 6.2.7 allows attackers to execute arbitrary code via 
crafted ...)
        - gnuchess <unfixed> (bug #986801)
+       [bullseye] - gnuchess <no-dsa> (Minor issue)
        [buster] - gnuchess <no-dsa> (Minor issue)
        [stretch] - gnuchess <postponed> (Minor issue in a game; can be fixed 
in next update)
        NOTE: 
https://lists.gnu.org/archive/html/bug-gnu-chess/2021-04/msg00000.html
@@ -6194,11 +6199,13 @@ CVE-2021-29430 (Sydent is a reference Matrix identity 
server. Sydent does not li
        NOT-FOR-US: Matrix Sydent
 CVE-2021-29429 (In Gradle before version 7.0, files created with open 
permissions in t ...)
        - gradle <unfixed> (bug #987284)
+       [bullseye] - gradle <no-dsa> (Minor issue)
        [buster] - gradle <no-dsa> (Minor issue)
        [stretch] - gradle <no-dsa> (Minor issue)
        NOTE: 
https://github.com/gradle/gradle/security/advisories/GHSA-fp8h-qmr5-j4c8
 CVE-2021-29428 (In Gradle before version 7.0, on Unix-like systems, the system 
tempora ...)
        - gradle <unfixed> (bug #987284)
+       [bullseye] - gradle <no-dsa> (Minor issue)
        [buster] - gradle <no-dsa> (Minor issue)
        [stretch] - gradle <no-dsa> (Minor issue; sticky bit on /tmp is set by 
default)
        NOTE: 
https://github.com/gradle/gradle/security/advisories/GHSA-89qm-pxvm-p336
@@ -24550,6 +24557,7 @@ CVE-2020-36121
        RESERVED
 CVE-2020-36120 (Buffer Overflow in the "sixel_encoder_encode_bytes" function 
of Libsix ...)
        - libsixel <unfixed> (bug #988159)
+       [bullseye] - libsixel <no-dsa> (Minor issue)
        [buster] - libsixel <no-dsa> (Minor issue)
        NOTE: https://github.com/saitoha/libsixel/issues/143
 CVE-2020-36119
@@ -28867,6 +28875,7 @@ CVE-2021-20270 (An infinite loop in SMLLexer in 
Pygments versions 1.5 to 2.7.3 m
 CVE-2021-20269 [incorrect permissions on kdump dmesg file]
        RESERVED
        - kexec-tools <unfixed> (bug #985105)
+       [bullseye] - kexec-tools <no-dsa> (Minor issue)
        [buster] - kexec-tools <no-dsa> (Minor issue)
        [stretch] - kexec-tools <no-dsa> (Minor issue)
        NOTE: https://www.openwall.com/lists/oss-security/2021/03/11/2



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/052ad0d3ecf61f1e1fb17765d8cd1b3c7abb9dcc

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/052ad0d3ecf61f1e1fb17765d8cd1b3c7abb9dcc
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] bullseye triage

Reply via email to