[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sat, 20 Nov 2021 12:10:41 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
655f115d by security tracker role at 2021-11-20T20:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,19 @@
+CVE-2021-44078
+       RESERVED
+CVE-2021-44077
+       RESERVED
+CVE-2021-3991
+       RESERVED
+CVE-2021-3990
+       RESERVED
+CVE-2021-3989
+       RESERVED
+CVE-2021-3988
+       RESERVED
+CVE-2021-3987
+       RESERVED
+CVE-2021-3986
+       RESERVED
 CVE-2021-44076
        RESERVED
 CVE-2021-44075
@@ -9917,7 +9933,6 @@ CVE-2021-41229 (BlueZ is a Bluetooth protocol stack for 
Linux. In affected versi
        [stretch] - bluez <no-dsa> (Minor issue)
        NOTE: 
https://github.com/bluez/bluez/security/advisories/GHSA-3fqg-r8j5-f5xq
        NOTE: Introduced by: 
https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=d939483328489fb835bb425d36f7c7c73d52c388
 (4.0)
-
        NOTE: Fixed by: 
https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=e79417ed7185b150a056d4eb3a1ab528b91d2fc0
 CVE-2021-41228 (TensorFlow is an open source platform for machine learning. In 
affecte ...)
        - tensorflow <itp> (bug #804612)
@@ -26273,10 +26288,10 @@ CVE-2021-34402
        RESERVED
 CVE-2021-34401
        RESERVED
-CVE-2021-34400
-       RESERVED
-CVE-2021-34399
-       RESERVED
+CVE-2021-34400 (NVIDIA GPU and Tegra hardware contain a vulnerability in the 
internal  ...)
+       TODO: check
+CVE-2021-34399 (NVIDIA GPU and Tegra hardware contain a vulnerability in the 
internal  ...)
+       TODO: check
 CVE-2021-34398 (NVIDIA DCGM, all versions prior to 2.2.9, contains a 
vulnerability in  ...)
        NOT-FOR-US: NVIDIA
 CVE-2021-34397 (Bootloader contains a vulnerability in NVIDIA MB2, which may 
cause fre ...)
@@ -45029,12 +45044,12 @@ CVE-2021-26937 (encoding.c in GNU Screen through 
4.8.0 allows remote attackers t
        NOTE: https://www.openwall.com/lists/oss-security/2021/02/09/3
        NOTE: https://savannah.gnu.org/bugs/?60030
        NOTE: First patch applied in -4, but revised patch applied in -5 which 
fixed regressions
-CVE-2021-23219
-       RESERVED
-CVE-2021-23217
-       RESERVED
-CVE-2021-23201
-       RESERVED
+CVE-2021-23219 (NVIDIA GPU and Tegra hardware contain a vulnerability in the 
internal  ...)
+       TODO: check
+CVE-2021-23217 (NVIDIA GPU and Tegra hardware contain a vulnerability in the 
internal  ...)
+       TODO: check
+CVE-2021-23201 (NVIDIA GPU and Tegra hardware contain a vulnerability in an 
internal m ...)
+       TODO: check
 CVE-2020-36244 (The daemon in GENIVI diagnostic log and trace (DLT), is 
vulnerable to  ...)
        - dlt-daemon 2.18.6-1
        [buster] - dlt-daemon <no-dsa> (Minor issue)
@@ -70050,8 +70065,8 @@ CVE-2020-28578 (A vulnerability in Trend Micro 
InterScan Web Security Virtual Ap
        NOT-FOR-US: Trend Micro
 CVE-2020-28577 (An improper access control information disclosure 
vulnerability in Tre ...)
        NOT-FOR-US: Trend Micro
-CVE-2021-1125
-       RESERVED
+CVE-2021-1125 (NVIDIA GPU and Tegra hardware contain a vulnerability in the 
internal  ...)
+       TODO: check
 CVE-2021-1124
        RESERVED
 CVE-2021-1123 (NVIDIA vGPU software contains a vulnerability in the Virtual 
GPU Manag ...)
@@ -70090,8 +70105,8 @@ CVE-2021-1107 (NVIDIA Linux kernel distributions 
contain a vulnerability in nvma
        NOT-FOR-US: NVIDIA
 CVE-2021-1106 (NVIDIA Linux kernel distributions contain a vulnerability in 
nvmap, wh ...)
        NOT-FOR-US: NVIDIA
-CVE-2021-1105
-       RESERVED
+CVE-2021-1105 (NVIDIA GPU and Tegra hardware contain a vulnerability in the 
internal  ...)
+       TODO: check
 CVE-2021-1104 (The RISC-V Instruction Set Manual contains a documented 
ambiguity for  ...)
        NOT-FOR-US: RISC-V
 CVE-2021-1103 (NVIDIA vGPU software contains a vulnerability in the Virtual 
GPU Manag ...)
@@ -70158,8 +70173,8 @@ CVE-2021-1090 (NVIDIA GPU Display Driver for Windows 
and Linux contains a vulner
        NOTE: CVE description is wrong, per 
https://nvidia.custhelp.com/app/answers/detail/a_id/5211 only for Windows
 CVE-2021-1089 (NVIDIA GPU Display Driver for Windows contains a vulnerability 
in nvid ...)
        NOT-FOR-US: NVIDIA GPU Display Driver for Windows
-CVE-2021-1088
-       RESERVED
+CVE-2021-1088 (NVIDIA GPU and Tegra hardware contain a vulnerability in the 
internal  ...)
+       TODO: check
 CVE-2021-1087 (NVIDIA vGPU driver contains a vulnerability in the Virtual GPU 
Manager ...)
        NOT-FOR-US: NVIDIA vGPU driver
 CVE-2021-1086 (NVIDIA vGPU driver contains a vulnerability in the Virtual GPU 
Manager ...)
@@ -272978,7 +272993,7 @@ CVE-2017-11511 (The ManageEngine ServiceDesk 9.3.9328 
is vulnerable to arbitrary
 CVE-2017-11510 (An information leak exists in Wanscam's HW0021 network camera 
that all ...)
        NOT-FOR-US: Wanscam's HW0021 network camera
 CVE-2017-11509 (An authenticated remote attacker can execute arbitrary code in 
Firebir ...)
-       {DLA-2129-1 DLA-1374-1}
+       {DLA-2824-1 DLA-2129-1 DLA-1374-1}
        - firebird3.0 3.0.3.32900.ds4-3
        - firebird2.5 <removed>
        NOTE: https://www.tenable.com/security/research/tra-2017-36



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/655f115d5da5d584f18bcd47b9ecb346629796e5

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/655f115d5da5d584f18bcd47b9ecb346629796e5
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to