[Git][security-tracker-team/security-tracker][master] bullseye triage

Moritz Muehlenhoff (@jmm) Fri, 28 May 2021 01:53:23 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
a01f623d by Moritz Muehlenhoff at 2021-05-28T10:50:23+02:00
bullseye triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11749,6 +11749,7 @@ CVE-2021-3446 (A flaw was found in libtpms in versions 
before 0.8.2. The commonl
 CVE-2021-28650 (autoar-extractor.c in GNOME gnome-autoar before 0.3.1, as used 
by GNOM ...)
        [experimental] - gnome-autoar 0.3.1-1
        - gnome-autoar <unfixed> (bug #985391)
+       [bullseye] - gnome-autoar <no-dsa> (Minor issue)
        [buster] - gnome-autoar <not-affected> (Incomplete fix for 
CVE-2020-36241 not applied)
        [stretch] - gnome-autoar <not-affected> (Incomplete fix for 
CVE-2020-36241 not applied)
        NOTE: https://gitlab.gnome.org/GNOME/gnome-autoar/-/issues/12
@@ -66459,6 +66460,7 @@ CVE-2020-17496 (vBulletin 5.5.4 through 5.6.2 allows 
remote command execution vi
        NOT-FOR-US: vBulletin
 CVE-2020-17495 (django-celery-results through 1.2.1 stores task results in the 
databas ...)
        - python-django-celery-results <unfixed> (bug #968305)
+       [bullseye] - python-django-celery-results <no-dsa> (Minor issue)
        [buster] - python-django-celery-results <no-dsa> (Minor issue)
        NOTE: https://github.com/celery/django-celery-results/issues/142
 CVE-2020-17494 (Untangle Firewall NG before 16.0 uses MD5 for passwords. ...)
@@ -93233,6 +93235,7 @@ CVE-2020-7712 (This affects the package json before 
10.0.0. It is possible to in
        NOT-FOR-US: Node json
 CVE-2020-7711 (This affects all versions of package 
github.com/russellhaering/goxmlds ...)
        - golang-github-russellhaering-goxmldsig <unfixed> (bug #968928)
+       [bullseye] - golang-github-russellhaering-goxmldsig <no-dsa> (Minor 
issue)
        [buster] - golang-github-russellhaering-goxmldsig <no-dsa> (Minor issue)
        NOTE: https://github.com/russellhaering/goxmldsig/issues/48
 CVE-2020-7710 (This affects all versions of package safe-eval. It is possible 
for an  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a01f623def180ba775fbd219eff4a14b71eec2b7

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a01f623def180ba775fbd219eff4a14b71eec2b7
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] bullseye triage

Reply via email to