[Git][security-tracker-team/security-tracker][master] new ckeditor issue

Mon, 05 Jul 2021 06:52:29 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5e30f246 by Moritz Muehlenhoff at 2021-07-05T15:51:39+02:00
new ckeditor issue
json-smart non issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10322,8 +10322,7 @@ CVE-2021-31686
 CVE-2021-31685
        RESERVED
 CVE-2021-31684 (A vulnerability was discovered in the indexOf function of 
JSONParserBy ...)
-       - json-smart <unfixed>
-       [stretch] - json-smart <no-dsa> (Minor issue)
+       - json-smart <unfixed> (unimportant)
        NOTE: https://github.com/netplex/json-smart-v2/issues/67
        NOTE: 
https://github.com/netplex/json-smart-v2/commit/6ecff1c2974eaaab2e74e441bdf5ba8495227bf5
        NOTE: Security impact disputed by upstream
@@ -35930,7 +35929,10 @@ CVE-2021-21392 (Synapse is a Matrix reference 
homeserver written in python (pypi
        - matrix-synapse 1.28.0-1
        NOTE: 
https://github.com/matrix-org/synapse/security/advisories/GHSA-5wrh-4jwv-5w78
 CVE-2021-21391 (CKEditor 5 provides a WYSIWYG editing solution. This CVE 
affects the f ...)
-       TODO: check
+       - ckeditor <unfixed>
+       [bullseye] - ckeditor <no-dsa> (Minor issue)
+       [buster] - ckeditor <no-dsa> (Minor issue)
+       NOTE: 
https://github.com/ckeditor/ckeditor5/security/advisories/GHSA-3rh3-wfr4-76mj
 CVE-2021-21390 (MinIO is an open-source high performance object storage 
service and it ...)
        NOT-FOR-US: MinIO
 CVE-2021-21389 (BuddyPress is an open source WordPress plugin to build a 
community sit ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e30f246e1e9303f55ffb035e97b3e0dc3485ec9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5e30f246e1e9303f55ffb035e97b3e0dc3485ec9
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to