bullseye triage

Moritz Muehlenhoff (@jmm) Fri, 19 Nov 2021 08:35:08 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ca0a644c by Moritz Muehlenhoff at 2021-11-19T17:33:25+01:00
buster/bullseye triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -75,6 +75,8 @@ CVE-2021-3976
 CVE-2021-3975 [segmentation fault during VM shutdown can lead to vdsm hung]
        RESERVED
        - libvirt 7.6.0-1
+       [bullseye] - libvirt <no-dsa> (Minor issue)
+       [buster] - libvirt <no-dsa> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2024326
        NOTE: Fixed by: 
https://github.com/libvirt/libvirt/commit/1ac703a7d0789e46833f4013a3876c2e3af18ec7
 (v7.1.0-rc2)
 CVE-2021-44025 (Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to 
XSS in han ...)
@@ -2234,8 +2236,14 @@ CVE-2021-43520
 CVE-2021-43519 (Stack overflow in lua_resume of ldo.c in Lua Interpreter 
5.1.0~5.4.4 a ...)
        - lua5.4 <unfixed>
        - lua5.3 <unfixed>
+       [bullseye] - lua5.3 <no-dsa> (Minor issue)
+       [buster] - lua5.3 <no-dsa> (Minor issue)
        - lua5.2 <unfixed>
+       [bullseye] - lua5.2 <no-dsa> (Minor issue)
+       [buster] - lua5.2 <no-dsa> (Minor issue)
        - lua5.1 <unfixed>
+       [bullseye] - lua5.1 <no-dsa> (Minor issue)
+       [buster] - lua5.1 <no-dsa> (Minor issue)
        NOTE: http://lua-users.org/lists/lua-l/2021-10/msg00123.html
        NOTE: http://lua-users.org/lists/lua-l/2021-11/msg00015.html
        NOTE: Fixed by: 
https://github.com/lua/lua/commit/74d99057a5146755e737c479850f87fd0e3b6868
@@ -5096,11 +5104,15 @@ CVE-2021-42717
        RESERVED
 CVE-2021-42716 (An issue was discovered in stb stb_image.h 2.27. The PNM 
loader incorr ...)
        - libstb <unfixed>
+       [bullseye] - libstb <no-dsa> (Minor issue)
+       [buster] - libstb <no-dsa> (Minor issue)
        NOTE: https://github.com/nothings/stb/issues/1166
        NOTE: https://github.com/nothings/stb/issues/1225
        NOTE: https://github.com/nothings/stb/pull/1223
 CVE-2021-42715 (An issue was discovered in stb stb_image.h 1.33 through 2.27. 
The HDR  ...)
        - libstb <unfixed>
+       [bullseye] - libstb <no-dsa> (Minor issue)
+       [buster] - libstb <no-dsa> (Minor issue)
        NOTE: https://github.com/nothings/stb/issues/1224
        NOTE: https://github.com/nothings/stb/pull/1223
 CVE-2021-42714


=====================================
data/dsa-needed.txt
=====================================
@@ -55,3 +55,5 @@ trafficserver (jmm)
 --
 varnish
 --
+wireshark
+--



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ca0a644cbf14fd2ef7bde52692ef572a4de15ce4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ca0a644cbf14fd2ef7bde52692ef572a4de15ce4
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] buster/bullseye triage

Reply via email to