[Git][security-tracker-team/security-tracker][master] automatic update

Thu, 08 Jul 2021 01:10:37 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2b503c00 by security tracker role at 2021-07-08T08:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,37 @@
+CVE-2021-3638
+       RESERVED
+CVE-2021-36235
+       RESERVED
+CVE-2021-36234
+       RESERVED
+CVE-2021-36233
+       RESERVED
+CVE-2021-36232
+       RESERVED
+CVE-2021-36231
+       RESERVED
+CVE-2021-36230
+       RESERVED
+CVE-2021-36229
+       RESERVED
+CVE-2021-36228
+       RESERVED
+CVE-2021-36227
+       RESERVED
+CVE-2021-36226
+       RESERVED
+CVE-2021-36225
+       RESERVED
+CVE-2021-36224
+       RESERVED
+CVE-2021-36223
+       RESERVED
+CVE-2021-36222
+       RESERVED
+CVE-2021-36221
+       RESERVED
+CVE-2021-36220
+       RESERVED
 CVE-2021-36219
        RESERVED
 CVE-2021-36218
@@ -4019,8 +4053,8 @@ CVE-2021-34432
        RESERVED
 CVE-2021-34431
        RESERVED
-CVE-2021-34430
-       RESERVED
+CVE-2021-34430 (Eclipse TinyDTLS through 0.9-rc1 relies on the rand function 
in the C  ...)
+       TODO: check
 CVE-2021-34429
        RESERVED
 CVE-2021-34428 (For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 
11.0.2, i ...)
@@ -7931,10 +7965,10 @@ CVE-2021-32717 (Shopware is an open source eCommerce 
platform. In versions prior
        NOT-FOR-US: Shopware
 CVE-2021-32716 (Shopware is an open source eCommerce platform. In versions 
prior to 6. ...)
        NOT-FOR-US: Shopware
-CVE-2021-32715
-       RESERVED
-CVE-2021-32714
-       RESERVED
+CVE-2021-32715 (hyper is an HTTP library for rust. hyper's HTTP/1 server code 
had a fl ...)
+       TODO: check
+CVE-2021-32714 (hyper is an HTTP library for Rust. In versions prior to 
0.14.10, hyper ...)
+       TODO: check
 CVE-2021-32713 (Shopware is an open source eCommerce platform. Versions prior 
to 5.6.1 ...)
        NOT-FOR-US: Shopware
 CVE-2021-32712 (Shopware is an open source eCommerce platform. Versions prior 
to 5.6.1 ...)
@@ -34031,8 +34065,8 @@ CVE-2021-21809 (A command execution vulnerability 
exists in the default legacy s
        NOT-FOR-US: Moodle plugin
 CVE-2021-21808 (A memory corruption vulnerability exists in the PNG 
png_palette_proces ...)
        NOT-FOR-US: Accusoft ImageGear
-CVE-2021-21807
-       RESERVED
+CVE-2021-21807 (An integer overflow vulnerability exists in the DICOM 
parse_dicom_meta ...)
+       TODO: check
 CVE-2021-21806
        RESERVED
 CVE-2021-21805
@@ -34097,8 +34131,8 @@ CVE-2021-21777 (An information disclosure vulnerability 
exists in the Ethernet/I
        NOT-FOR-US: EIP Stack Group OpENer
 CVE-2021-21776 (An out-of-bounds write vulnerability exists in the SGI Format 
Buffer S ...)
        NOT-FOR-US: ImageGear
-CVE-2021-21775
-       RESERVED
+CVE-2021-21775 (A use-after-free vulnerability exists in the way certain 
events are pr ...)
+       TODO: check
 CVE-2021-21774
        RESERVED
 CVE-2021-21773 (An out-of-bounds write vulnerability exists in the TIFF header 
count-p ...)
@@ -453738,7 +453772,7 @@ CVE-2008-1880 (The default configuration of Firebird 
before 2.0.3.12981.0-r6 on
        NOTE: on debian after the installation firebird2.0-super is disabled, 
to enable it
        NOTE: you need to call dpkg-reconfigure
 CVE-2008-1879
-       RESERVED
+       REJECTED
 CVE-2007-6715 (Mozilla Firefox allows remote attackers to cause a denial of 
service ( ...)
        - iceweasel <removed> (unimportant)
        NOTE: browser dos not treated as security issues
@@ -463344,7 +463378,7 @@ CVE-2007-5004 (Integer overflow in CA (Computer 
Associates) BrightStor ARCserve
 CVE-2007-5003 (Multiple stack-based buffer overflows in CA (Computer 
Associates) Brig ...)
        NOT-FOR-US: CA ARCserve Backup
 CVE-2007-5002
-       RESERVED
+       REJECTED
 CVE-2007-5001 (Linux kernel before 2.4.21 allows local users to cause a denial 
of ser ...)
        - linux-2.6 <not-affected> (RedHat/RHEL3 specific patch only)
 CVE-2007-5000 (Cross-site scripting (XSS) vulnerability in the (1) mod_imap 
module in ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b503c00a357691cd8babbc872beff09be20ef87

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b503c00a357691cd8babbc872beff09be20ef87
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to