Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
17b945ef by Moritz Muehlenhoff at 2021-10-04T18:23:28+02:00
buster/bullseye triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5864,6 +5864,8 @@ CVE-2021-39362 (An XSS issue was discovered in ReCaptcha
Solver 5.7. A response
NOT-FOR-US: ReCaptcha Solver
CVE-2021-39361 (In GNOME evolution-rss through 0.3.96, network-soup.c does not
enable ...)
- evolution-rss <unfixed>
+ [bullseye] - evolution-rss <no-dsa> (Minor issue)
+ [buster] - evolution-rss <no-dsa> (Minor issue)
[stretch] - evolution-rss <postponed> (Minor issue, revisit when/if
fixed upstream)
NOTE:
https://blogs.gnome.org/mcatanzaro/2021/05/25/reminder-soupsessionsync-and-soupsessionasync-default-to-no-tls-certificate-verification/
NOTE: https://gitlab.gnome.org/GNOME/evolution-rss/-/issues/11
@@ -6573,10 +6575,14 @@ CVE-2021-39136 (baserCMS is an open source content
management system with a focu
CVE-2021-39135 (`@npmcli/arborist`, the library that calculates dependency
trees and m ...)
[experimental] - npm 7.24.0+ds-1
- npm 7.24.0+ds-2 (bug #993405)
+ [bullseye] - npm <no-dsa> (Minor issue)
+ [buster] - npm <no-dsa> (Minor issue)
NOTE:
https://github.com/npm/arborist/security/advisories/GHSA-gmw6-94gg-2rc2
CVE-2021-39134 (`@npmcli/arborist`, the library that calculates dependency
trees and m ...)
[experimental] - npm 7.24.0+ds-1
- npm 7.24.0+ds-2 (bug #993407)
+ [bullseye] - npm <no-dsa> (Minor issue)
+ [buster] - npm <no-dsa> (Minor issue)
NOTE:
https://github.com/npm/arborist/security/advisories/GHSA-2h3h-q99f-3fhc
CVE-2021-39133 (Rundeck is an open source automation service with a web
console, comma ...)
NOT-FOR-US: Rundeck
@@ -33496,8 +33502,8 @@ CVE-2021-28117
(libdiscover/backends/KNSBackend/KNSResource.cpp in KDE Discover
NOTE: Plasma 5.18:
https://commits.kde.org/plasma/discover/fcd3b30552bf03a384b1a16f9bb8db029c111356
CVE-2021-28116 (Squid through 4.14 and 5.x through 5.0.5, in some
configurations, allo ...)
- squid <unfixed> (bug #986804)
- [bullseye] - squid <postponed> (Minor issue, revisit once fixed
upstream)
- [buster] - squid <postponed> (Minor issue, revisit once fixed upstream)
+ [bullseye] - squid <postponed> (Minor issue)
+ [buster] - squid <postponed> (Minor issue)
- squid3 <removed>
[stretch] - squid3 <postponed> (Check later when information is public)
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-CAN-11610/
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17b945efb5400bc763065f4f6521b7e1af4f809f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17b945efb5400bc763065f4f6521b7e1af4f809f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
