[Git][security-tracker-team/security-tracker][master] new gradle issue

Mon, 02 Aug 2021 03:30:47 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
878dda19 by Moritz Muehlenhoff at 2021-08-02T12:30:23+02:00
new gradle issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7333,7 +7333,6 @@ CVE-2021-34555 (OpenDMARC 1.4.1 and 1.4.1.1 allows remote 
attackers to cause a d
        [stretch] - opendmarc <not-affected> (Vulnerable code 
(multi-value-From:) introduced later)
        NOTE: https://github.com/trusteddomainproject/OpenDMARC/issues/179
        NOTE: https://github.com/trusteddomainproject/OpenDMARC/pull/178
-       TODO: check, seems introduced by the fix for CVE-2019-16378, cf. 
https://github.com/trusteddomainproject/OpenDMARC/issues/179#issuecomment-856798477
 CVE-2021-34554
        RESERVED
 CVE-2021-34553 (Sonatype Nexus Repository Manager 3.x before 3.31.0 allows a 
remote au ...)
@@ -11508,7 +11507,10 @@ CVE-2021-32753 (EdgeX Foundry is an open source 
project for building a common op
 CVE-2021-32752 (Ether Logs is a package that allows one to check one's logs in 
the Cra ...)
        NOT-FOR-US: Ether Logs
 CVE-2021-32751 (Gradle is a build tool with a focus on build automation. In 
versions p ...)
-       TODO: check
+       - gradle <unfixed>
+       [bullseye] - gradle <ignored> (Minor issue)
+       [buster] - gradle <ignored> (Minor issue)
+       NOTE: 
https://github.com/gradle/gradle/security/advisories/GHSA-6j2p-252f-7mw8
 CVE-2021-32750 (MuWire is a file publishing and networking tool that protects 
the iden ...)
        NOT-FOR-US: MuWire
 CVE-2021-32749 (fail2ban is a daemon to ban hosts that cause multiple 
authentication e ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/878dda1954e806bb9e66fa6eebc9965ab5919bc4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/878dda1954e806bb9e66fa6eebc9965ab5919bc4
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to