[Git][security-tracker-team/security-tracker][master] automatic update

Sat, 31 Jul 2021 01:10:42 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9644fa34 by security tracker role at 2021-07-31T08:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3475,8 +3475,7 @@ CVE-2021-36152
        RESERVED
 CVE-2021-36151
        RESERVED
-CVE-2021-3636
-       RESERVED
+CVE-2021-3636 (It was found in OpenShift, before version 4.8, that the 
generated cert ...)
        NOT-FOR-US: OpenShift
 CVE-2021-3635
        RESERVED
@@ -6960,10 +6959,10 @@ CVE-2021-34632
        RESERVED
 CVE-2021-34631
        RESERVED
-CVE-2021-34630
-       RESERVED
-CVE-2021-34629
-       RESERVED
+CVE-2021-34630 (In the Pro and Enterprise versions of GTranslate < 2.8.65, 
the gtra ...)
+       TODO: check
+CVE-2021-34629 (The SendGrid WordPress plugin is vulnerable to authorization 
bypass vi ...)
+       TODO: check
 CVE-2021-34628
        RESERVED
 CVE-2021-34627 (A vulnerability in the getSelectedMimeTypesByRole function of 
the WP U ...)
@@ -8904,7 +8903,7 @@ CVE-2021-3571 (A flaw was found in the ptp4l program of 
the linuxptp package. Wh
        NOTE: 
https://github.com/richardcochran/linuxptp/commit/0b3ab45de6a96ca181a5cf62c3c2b97167e2ed20
 (v3.1.1)
        NOTE: https://www.openwall.com/lists/oss-security/2021/07/06/1
 CVE-2021-3570 (A flaw was found in the ptp4l program of the linuxptp package. 
A missi ...)
-       {DSA-4938-1}
+       {DSA-4938-1 DLA-2723-1}
        - linuxptp 3.1-2.1 (bug #990748)
        NOTE: 
https://github.com/richardcochran/linuxptp/commit/a1e63aa3a7304647913707c4df01f3df430806ab
 (master)
        NOTE: 
https://github.com/richardcochran/linuxptp/commit/ce15e4de5926724557e8642ec762a210632f15ca
 (v3.1.1)
@@ -10700,7 +10699,7 @@ CVE-2021-33034 (In the Linux kernel before 5.12.4, 
net/bluetooth/hci_event.c has
        - linux 5.10.38-1
        [buster] - linux 4.19.194-1
        NOTE: 
https://git.kernel.org/linus/5c4c8c9544099bb9043a10a5318130a943e32fc3
-CVE-2021-33032 (eQ-3 HomeMatic CCU2 2.57.5 and CCU3 3.57.5 devices allow 
remote code e ...)
+CVE-2021-33032 (A Remote Code Execution (RCE) vulnerability in the WebUI 
component of  ...)
        NOT-FOR-US: eQ-3 HomeMatic CCU2
 CVE-2021-33031 (In LabCup before <v2_next_18022, it is possible to use the 
save API ...)
        NOT-FOR-US: LabCup
@@ -11203,8 +11202,8 @@ CVE-2021-32809
        RESERVED
 CVE-2021-32808
        RESERVED
-CVE-2021-32807
-       RESERVED
+CVE-2021-32807 (The module `AccessControl` defines security policies for 
Python code u ...)
+       TODO: check
 CVE-2021-32806
        RESERVED
 CVE-2021-32805
@@ -24529,16 +24528,16 @@ CVE-2021-27497
        RESERVED
 CVE-2021-27496 (Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, 
Step3dRead, ...)
        NOT-FOR-US: Datakit
-CVE-2021-27495
-       RESERVED
+CVE-2021-27495 (Ypsomed mylife Cloud, mylife Mobile Application:Ypsomed mylife 
Cloud,A ...)
+       TODO: check
 CVE-2021-27494 (Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, 
Step3dRead, ...)
        NOT-FOR-US: Datakit
 CVE-2021-27493
        RESERVED
 CVE-2021-27492 (When opening a specially crafted 3DXML file, the application 
containin ...)
        NOT-FOR-US: Datakit
-CVE-2021-27491
-       RESERVED
+CVE-2021-27491 (Ypsomed mylife Cloud, mylife Mobile Application:Ypsomed mylife 
Cloud,A ...)
+       TODO: check
 CVE-2021-27490 (Datakit Software libraries CatiaV5_3dRead, CatiaV6_3dRead, 
Step3dRead, ...)
        NOT-FOR-US: Datakit
 CVE-2021-27489 (ZOLL Defibrillator Dashboard, v prior to 2.2, The web 
application allo ...)
@@ -28608,7 +28607,7 @@ CVE-2021-3248
 CVE-2021-3247
        RESERVED
 CVE-2021-3246 (A heap buffer overflow vulnerability in msadpcm_decode_block of 
libsnd ...)
-       {DLA-2722-1}
+       {DSA-4947-1 DLA-2722-1}
        - libsndfile 1.0.31-2 (bug #991496)
        NOTE: https://github.com/libsndfile/libsndfile/issues/687
        NOTE: 
https://github.com/libsndfile/libsndfile/commit/deb669ee8be55a94565f6f8a6b60890c2e7c6f32
@@ -36355,8 +36354,8 @@ CVE-2021-22523 (XML External Entity vulnerability in 
Micro Focus Verastream Host
        NOT-FOR-US: Micro Focus
 CVE-2021-22522 (Reflected Cross-Site Scripting vulnerability in Micro Focus 
Verastream ...)
        NOT-FOR-US: Micro Focus
-CVE-2021-22521
-       RESERVED
+CVE-2021-22521 (A privileged escalation vulnerability has been identified in 
Micro Foc ...)
+       TODO: check
 CVE-2021-22520
        RESERVED
 CVE-2021-22519 (Execute arbitrary code vulnerability in Micro Focus SiteScope 
product, ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9644fa3484d582d984723e4da7bf9f9f4644d1c3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9644fa3484d582d984723e4da7bf9f9f4644d1c3
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to