[Git][security-tracker-team/security-tracker][master] nomad n/a

Tue, 16 Nov 2021 05:27:14 -0800 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ab16bd58 by Moritz Muehlenhoff at 2021-11-16T14:03:40+01:00
nomad n/a
add note for pdf2json

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7500,11 +7500,10 @@ CVE-2021-3853
 CVE-2021-3852
        RESERVED
 CVE-2021-41865 (HashiCorp Nomad and Nomad Enterprise 1.1.1 through 1.1.5 
allowed authe ...)
-       - nomad <undetermined>
+       - nomad <not-affected> (Only affects 1.1.x)
        NOTE: 
https://discuss.hashicorp.com/t/hcsec-2021-26-nomad-denial-of-service-via-submission-of-incomplete-job-specification-using-consul-mesh-gateway-host-network/30311
        NOTE: https://github.com/hashicorp/nomad/issues/11243
        NOTE: https://github.com/hashicorp/nomad/pull/11257
-       TODO: check
 CVE-2021-41864 (prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the 
Linux kern ...)
        - linux 5.14.12-1
        NOTE: 
https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=30e29a9a2bc6a4888335a6ede968b75cd329657a
@@ -82956,8 +82955,12 @@ CVE-2020-23880
        RESERVED
 CVE-2020-23879 (pdf2json v0.71 was discovered to contain a NULL pointer 
dereference in ...)
        NOT-FOR-US: pdf2json
+       NOTE: pdf2json bundles a 14 year old xpdf release (3.0.2), there's no 
point in
+       NOTE: tracking whether this affects src:poppler
 CVE-2020-23878 (pdf2json v0.71 was discovered to contain a stack buffer 
overflow in th ...)
        NOT-FOR-US: pdf2json
+       NOTE: pdf2json bundles a 14 year old xpdf release (3.0.2), there's no 
point in
+       NOTE: tracking whether this affects src:poppler
 CVE-2020-23877 (pdf2xml v2.0 was discovered to contain a stack buffer overflow 
in the  ...)
        NOT-FOR-US: pdf2xml
 CVE-2020-23876 (pdf2xml v2.0 was discovered to contain a memory leak in the 
function T ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab16bd58212d6e92541b13c36c45da1194d87af7

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab16bd58212d6e92541b13c36c45da1194d87af7
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to