Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bc990afd by Moritz Muehlenhoff at 2021-06-04T21:22:25+02:00
bullseye triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10265,8 +10265,10 @@ CVE-2021-29509 (Puma is a concurrent HTTP 1.1 server
for Ruby/Rack applications.
CVE-2021-29508 (Due to how Wire handles type information in its serialization
format, ...)
NOT-FOR-US: Wire
CVE-2021-29507 (### Impact _What kind of vulnerability is it? Who is
impacted?_ The vu ...)
- - dlt-daemon <unfixed>
- NOTE:
https://github.com/GENIVI/dlt-daemon/security/advisories/GHSA-7cqp-2hqj-mh3f
+ - dlt-daemon <unfixed> (unimportant)
+ NOTE:
https://github.com/GENIVI/dlt-daemon/security/advisories/GHSA-7cqp-2hqj-mh3f
(useless boilerplate only)
+ NOTE:
https://github.com/GENIVI/dlt-daemon/commit/f5344f8cf036e6dcb899522e8e679639dd23e1a4
+ NOTE: No security impact, config files need to be trusted
CVE-2021-29506 (GraphHopper is an open-source Java routing engine. In
GrassHopper from ...)
NOT-FOR-US: GraphHopper
CVE-2021-29505 (### Impact The vulnerability may allow a remote attacker has
sufficien ...)
@@ -16673,12 +16675,14 @@ CVE-2021-26827 (Buffer Overflow in TP-Link WR2041 v1
firmware for the TL-WR2041+
NOT-FOR-US: TP-Link
CVE-2021-26826 (A stack overflow issue exists in Godot Engine up to v3.2 and
is caused ...)
- godot <unfixed> (bug #982593)
+ [bullseye] - godot <no-dsa> (Minor issue)
[buster] - godot <no-dsa> (Minor issue)
NOTE: https://github.com/godotengine/godot/pull/45701
NOTE:
https://github.com/godotengine/godot/commit/403e4fd08b0b212e96f53d926e6273e0745eaa5a
(master)
NOTE:
https://github.com/godotengine/godot/commit/113b5ab1c45c01b8e6d54d13ac8876d091f883a8
(3.2)
CVE-2021-26825 (An integer overflow issue exists in Godot Engine up to v3.2
that can b ...)
- godot <unfixed> (bug #982593)
+ [bullseye] - godot <no-dsa> (Minor issue)
[buster] - godot <no-dsa> (Minor issue)
NOTE: https://github.com/godotengine/godot/pull/45701
NOTE:
https://github.com/godotengine/godot/commit/403e4fd08b0b212e96f53d926e6273e0745eaa5a
(master)
@@ -29301,6 +29305,7 @@ CVE-2020-35981 (An issue was discovered in GPAC version
0.8.0 and 1.0.1. There i
NOTE: https://github.com/gpac/gpac/issues/1659
CVE-2020-35980 (An issue was discovered in GPAC version 0.8.0 and 1.0.1. There
is a us ...)
- gpac <unfixed> (bug #987374)
+ [bullseye] - gpac <no-dsa> (Minor issue)
NOTE:
https://github.com/gpac/gpac/commit/5aba27604d957e960d8069d85ccaf868f8a7b07a
NOTE: https://github.com/gpac/gpac/issues/1661
CVE-2020-35979 (An issue was discovered in GPAC version 0.8.0 and 1.0.1. There
is heap ...)
@@ -71071,6 +71076,8 @@ CVE-2020-15803 (Zabbix before 3.0.32rc1, 4.x before
4.0.22rc1, 4.1.x through 4.4
NOTE: https://support.zabbix.com/browse/ZBX-18057
CVE-2020-15802 (Devices supporting Bluetooth before 5.1 may allow
man-in-the-middle at ...)
- linux <unfixed>
+ [bullseye] - linux <postponed> (Minor issue, revisit when/if fixed
upstream)
+ [buster] - linux <postponed> (Minor issue, revisit when/if fixed
upstream)
NOTE: https://www.kb.cert.org/vuls/id/589825/
CVE-2020-15801 (In Python 3.8.4, sys.path restrictions specified in a
python38._pth fi ...)
- python3.9 <not-affected> (Windows-specific)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc990afd56fc6a57c8701b8920898094fc59ff96
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc990afd56fc6a57c8701b8920898094fc59ff96
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
