[Git][security-tracker-team/security-tracker][master] various bugs filed

Moritz Muehlenhoff (@jmm) Thu, 03 Jun 2021 11:12:04 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
5c263723 by Moritz Mühlenhoff at 2021-06-03T20:11:09+02:00
various bugs filed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4547,7 +4547,7 @@ CVE-2021-31857
 CVE-2021-31856 (A SQL Injection vulnerability in the REST API in Layer5 
Meshery 0.5.2  ...)
        NOT-FOR-US: Layer Meshery
 CVE-2021-31855 (KDE Messagelib through 5.17.0 reveals cleartext of encrypted 
messages  ...)
-       - kf5-messagelib <unfixed>
+       - kf5-messagelib <unfixed> (bug #989438)
        - kdepim4 <removed>
        NOTE: https://kde.org/info/security/advisory-20210429-1.txt
        NOTE: 
https://commits.kde.org/messagelib/3b5b171e91ce78b966c98b1292a1bcbc8d984799
@@ -8530,48 +8530,48 @@ CVE-2021-30161 (An issue was discovered on LG mobile 
devices with Android OS 11
        NOT-FOR-US: LG mobile devices
 CVE-2021-26948
        RESERVED
-       - htmldoc <unfixed> (unimportant)
+       - htmldoc <unfixed> (unimportant; bug #989437)
        NOTE: https://github.com/michaelrsweet/htmldoc/issues/410
        NOTE: 
https://github.com/michaelrsweet/htmldoc/commit/008861d8339c6ec777e487770b70b95b1ed0c1d2
        NOTE: Crash in CLI tool, no security impact
 CVE-2021-26259
        RESERVED
-       - htmldoc <unfixed> (unimportant)
+       - htmldoc <unfixed> (unimportant; bug #989437)
        NOTE: https://github.com/michaelrsweet/htmldoc/issues/417
        NOTE: 
https://github.com/michaelrsweet/htmldoc/commit/0ddab26a542c74770317b622e985c52430092ba5
        NOTE: Crash in CLI tool, no security impact
 CVE-2021-26252
        RESERVED
-       - htmldoc <unfixed> (unimportant)
+       - htmldoc <unfixed> (unimportant; bug #989437)
        NOTE: https://github.com/michaelrsweet/htmldoc/issues/412
        NOTE: 
https://github.com/michaelrsweet/htmldoc/commit/369b2ea1fd0d0537ba707f20a2f047b6afd2fbdc
        NOTE: Crash in CLI tool, no security impact
 CVE-2021-23206
        RESERVED
-       - htmldoc <unfixed> (unimportant)
+       - htmldoc <unfixed> (unimportant; bug #989437)
        NOTE: https://github.com/michaelrsweet/htmldoc/issues/416
        NOTE: 
https://github.com/michaelrsweet/htmldoc/commit/ba61a3ece382389ae4482c7027af8b32e8ab4cc8
        NOTE: Crash in CLI tool, no security impact
 CVE-2021-23191
        RESERVED
-       - htmldoc <unfixed> (unimportant)
+       - htmldoc <unfixed> (unimportant; bug #989437)
        NOTE: https://github.com/michaelrsweet/htmldoc/issues/415
        NOTE: 
https://github.com/michaelrsweet/htmldoc/commit/369b2ea1fd0d0537ba707f20a2f047b6afd2fbdc
        NOTE: Crash in CLI tool, no security impact
 CVE-2021-23180
        RESERVED
-       - htmldoc <unfixed> (unimportant)
+       - htmldoc <unfixed> (unimportant; bug #989437)
        NOTE: https://github.com/michaelrsweet/htmldoc/issues/418
        NOTE: 
https://github.com/michaelrsweet/htmldoc/commit/19c582fb32eac74b57e155cffbb529377a9e751a
        NOTE: Crash in CLI tool, no security impact
 CVE-2021-23165
        RESERVED
-       - htmldoc <unfixed>
+       - htmldoc <unfixed> (bug #989437)
        NOTE: https://github.com/michaelrsweet/htmldoc/issues/413
        NOTE: 
https://github.com/michaelrsweet/htmldoc/commit/369b2ea1fd0d0537ba707f20a2f047b6afd2fbdc
 CVE-2021-23158
        RESERVED
-       - htmldoc <unfixed> (unimportant)
+       - htmldoc <unfixed> (unimportant; bug #989437)
        NOTE: https://github.com/michaelrsweet/htmldoc/issues/414
        NOTE: 
https://github.com/michaelrsweet/htmldoc/commit/369b2ea1fd0d0537ba707f20a2f047b6afd2fbdc
        NOTE: Crash in CLI tool, no security impact
@@ -57872,7 +57872,7 @@ CVE-2020-22034 (A heap-based Buffer Overflow 
vulnerability exists FFmpeg 4.2 at
        NOTE: https://trac.ffmpeg.org/ticket/8236
        NOTE: 
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=1331e001796c656a4a3c770a16121c15ec1db2ac
 CVE-2020-22033 (A heap-based Buffer Overflow Vulnerability exists FFmpeg 4.2 
at libavf ...)
-       - ffmpeg <unfixed>
+       - ffmpeg <unfixed> (bug #989439)
        [buster] - ffmpeg <postponed> (Wait for 4.1.7)
        NOTE: https://trac.ffmpeg.org/ticket/8246
        NOTE: https://trac.ffmpeg.org/ticket/8241
@@ -57934,7 +57934,7 @@ CVE-2020-22022 (A heap-based Buffer Overflow 
vulnerability exists in FFmpeg 4.2
        NOTE: 
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=07050d7bdc32d82e53ee5bb727f5882323d00dba
        NOTE: https://trac.ffmpeg.org/ticket/8264
 CVE-2020-22021 (Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges 
function i ...)
-       - ffmpeg <unfixed>
+       - ffmpeg <unfixed> (bug #989439)
        [buster] - ffmpeg <postponed> (Wait for 4.1.7)
        NOTE: 
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=7971f62120a55c141ec437aa3f0bacc1c1a3526b
        NOTE: https://trac.ffmpeg.org/ticket/8240
@@ -57945,7 +57945,7 @@ CVE-2020-22020 (Buffer Overflow vulnerability in FFmpeg 
4.2 in the build_diff_ma
        NOTE: https://trac.ffmpeg.org/ticket/8239
        NOTE: 
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=ce5274c1385d55892a692998923802023526b765
 CVE-2020-22019 (Buffer Overflow vulnerability in FFmpeg 4.2 at 
convolution_y_10bit in  ...)
-       - ffmpeg <unfixed>
+       - ffmpeg <unfixed> (bug #989439)
        [buster] - ffmpeg <postponed> (Wait for 4.1.7)
        NOTE: https://trac.ffmpeg.org/ticket/8246
        NOTE: https://trac.ffmpeg.org/ticket/8241
@@ -57963,7 +57963,7 @@ CVE-2020-22016 (A heap-based Buffer Overflow 
vulnerability in FFmpeg 4.2 at liba
        NOTE: https://trac.ffmpeg.org/ticket/8183
        NOTE: 
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=58aa0ed8f10753ee90f4a4a1f4f3da803cf7c145
 CVE-2020-22015 (Buffer Overflow vulnerability in FFmpeg 4.2 in 
mov_write_video_tag due ...)
-       - ffmpeg <unfixed>
+       - ffmpeg <unfixed> (bug #989439)
        [buster] - ffmpeg <ignored> (Minor issue)
        [stretch] - ffmpeg <ignored> (Minor issue)
        NOTE: https://trac.ffmpeg.org/ticket/8190
@@ -59919,7 +59919,7 @@ CVE-2020-21042
        RESERVED
 CVE-2020-21041 (Buffer Overflow vulnerability exists in FFmpeg 4.1 via 
apng_do_inverse ...)
        [experimental] - ffmpeg 7:4.4-1
-       - ffmpeg <unfixed>
+       - ffmpeg <unfixed> (bug #989439)
        [buster] - ffmpeg <postponed> (Wait for 4.1.7)
        [stretch] - ffmpeg <postponed> (Wait for 4.1.7)
        NOTE: https://trac.ffmpeg.org/ticket/7989



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c2637238e3a131186d9a19f69a30fbf769f6f0b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c2637238e3a131186d9a19f69a30fbf769f6f0b
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] various bugs filed

Reply via email to