[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Wed, 26 May 2021 01:11:16 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
91709915 by security tracker role at 2021-05-26T08:10:18+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,37 @@
+CVE-2021-3566
+       RESERVED
+CVE-2021-33579
+       RESERVED
+CVE-2021-33578
+       RESERVED
+CVE-2021-33577
+       RESERVED
+CVE-2021-33576
+       RESERVED
+CVE-2021-33575 (The Pixar ruby-jss gem before 1.6.0 allows remote attackers to 
execute ...)
+       TODO: check
+CVE-2021-33574 (The mq_notify function in the GNU C Library (aka glibc) 
through 2.33 h ...)
+       TODO: check
+CVE-2021-33573
+       RESERVED
+CVE-2021-33572
+       RESERVED
+CVE-2021-33571
+       RESERVED
+CVE-2021-33570 (Postbird 0.8.4 allows stored XSS via the onerror attribute of 
an IMG e ...)
+       TODO: check
+CVE-2021-33569
+       RESERVED
+CVE-2021-33568
+       RESERVED
+CVE-2021-33567
+       RESERVED
+CVE-2021-33566
+       RESERVED
+CVE-2021-33565
+       RESERVED
+CVE-2016-20011 (libgrss through 0.7.0 fails to perform TLS certificate 
verification wh ...)
+       TODO: check
 CVE-2021-3565 [during tpm2_import command invocation a fixed AES wrapping key 
is used]
        RESERVED
        - tpm2-tools <unfixed>
@@ -3660,8 +3694,8 @@ CVE-2021-31926 (AMP Application Deployment Service in 
CubeCoders AMP 2.1.x befor
        NOT-FOR-US: CubeCoders AMP
 CVE-2021-31925
        RESERVED
-CVE-2021-31924
-       RESERVED
+CVE-2021-31924 (Yubico pam-u2f before 1.1.1 has a logic issue that, depending 
on the p ...)
+       TODO: check
 CVE-2021-31923
        RESERVED
 CVE-2021-31922 (An HTTP Request Smuggling vulnerability in Pulse Secure 
Virtual Traffi ...)
@@ -10138,10 +10172,10 @@ CVE-2021-29255 (MicroSeven MYM71080i-B 2.0.5 through 
2.0.20 devices send admin c
        NOT-FOR-US: MicroSeven
 CVE-2021-29254
        RESERVED
-CVE-2021-29253
-       RESERVED
-CVE-2021-29252
-       RESERVED
+CVE-2021-29253 (The Tableau integration in RSA Archer 6.4 P1 (6.4.0.1) through 
6.9 P2  ...)
+       TODO: check
+CVE-2021-29252 (RSA Archer before 6.9 SP1 P1 (6.9.1.1) contains a stored XSS 
vulnerabi ...)
+       TODO: check
 CVE-2021-29251 (BTCPay Server before 1.0.7.1 mishandles the policy setting in 
which us ...)
        NOT-FOR-US: BTCPay Server
 CVE-2021-29250 (BTCPay Server through 1.0.7.0 suffers from a Stored Cross Site 
Scripti ...)
@@ -32805,8 +32839,7 @@ CVE-2021-20210 (A flaw was found in Privoxy in versions 
before 3.0.29. Memory le
        [buster] - privoxy 3.0.28-2+deb10u1
        NOTE: https://www.openwall.com/lists/oss-security/2021/02/03/3
        NOTE: 
https://www.privoxy.org/gitweb/?p=privoxy.git;a=commit;h=1b1370f7a8a9cc5434d3e0e54dd620df1e70c873
 (3.0.29)
-CVE-2021-20209
-       RESERVED
+CVE-2021-20209 (A memory leak vulnerability was found in Privoxy before 3.0.29 
in the  ...)
        {DLA-2548-1}
        - privoxy 3.0.29-1
        [buster] - privoxy 3.0.28-2+deb10u1
@@ -49212,8 +49245,7 @@ CVE-2020-25673
        [bullseye] - linux <postponed> (Minor issue, revisit once fixed 
upstream)
        [buster] - linux <postponed> (Minor issue, revisit once fixed upstream)
        NOTE: https://www.openwall.com/lists/oss-security/2020/11/01/1
-CVE-2020-25672
-       RESERVED
+CVE-2020-25672 (A memory leak vulnerability was found in Linux kernel in 
llcp_sock_con ...)
        - linux 5.10.38-1
        [bullseye] - linux <postponed> (Minor issue, revisit once fixed 
upstream)
        [buster] - linux <postponed> (Minor issue, revisit once fixed upstream)
@@ -60254,8 +60286,8 @@ CVE-2020-20455
        RESERVED
 CVE-2020-20454
        RESERVED
-CVE-2020-20453
-       RESERVED
+CVE-2020-20453 (FFmpeg 4.2 is affected by a Divide By Zero issue via 
libavcodec/aaccod ...)
+       TODO: check
 CVE-2020-20452
        RESERVED
 CVE-2020-20451 (Denial of Service issue in FFmpeg 4.2 due to resource 
management error ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/91709915c439e65cadaffec089b03428b34b7951

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/91709915c439e65cadaffec089b03428b34b7951
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to