[Git][security-tracker-team/security-tracker][master] new ansible-runner issue, one n/a

Thu, 19 Aug 2021 04:14:22 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
55b2f406 by Moritz Muehlenhoff at 2021-08-19T13:13:29+02:00
new ansible-runner issue, one n/a
nbdkit, qemu no-dsa
concludes external check

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -122,6 +122,7 @@ CVE-2021-39246
 CVE-2021-3716 [NBD_OPT_STRUCTURED_REPLY injection on STARTTLS]
        RESERVED
        - nbdkit <unfixed>
+       [bullseye] - nbdkit <no-dsa> (Minor issue)
        [buster] - nbdkit <not-affected> (Vulnerable code introduced later)
        [stretch] - nbdkit <not-affected> (Vulnerable code introduced later)
        NOTE: Introduced by: 
https://github.com/libguestfs/nbdkit/commit/eaa4c6e9a2c4bdb71aefdd4b1d865e7a9af606a8
 (v1.11.8)
@@ -179,8 +180,9 @@ CVE-2021-39231
 CVE-2021-3713 [out-of-bounds write in UAS (USB Attached SCSI) device emulation]
        RESERVED
        - qemu <unfixed>
+       [bullseye] - qemu <no-dsa> (Minor issue)
+       [buster] - qemu <no-dsa> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1994640
-       TODO: check details
 CVE-2021-39230
        RESERVED
 CVE-2021-39229
@@ -1561,8 +1563,14 @@ CVE-2021-3703
        RESERVED
 CVE-2021-3702
        RESERVED
+       - ansible-runner <not-affected> (Vulnerable code introduced later)
+       NOTE: 
https://github.com/ansible/ansible-runner/pull/742/commits/0e9aa8a97e7832ef9a1553ef2908632a32d2b8c4
+       NOTE: Introduced in 
https://github.com/ansible/ansible-runner/commit/93e95a3df9021a38010386d07df121392d249253
 CVE-2021-3701
        RESERVED
+       - ansible-runner <unfixed>
+       NOTE: https://github.com/ansible/ansible-runner/issues/738
+       NOTE: 
https://github.com/ansible/ansible-runner/pull/742/commits/60b059f00409224acae1e417153a241c8591ad89
 CVE-2021-3700
        RESERVED
 CVE-2021-38562



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/55b2f406dc03cc84ee77035bcf1823665984c1d4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/55b2f406dc03cc84ee77035bcf1823665984c1d4
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to