Utkarsh Gupta pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c0c4b8f7 by Utkarsh Gupta at 2021-12-27T02:05:19+05:30
Mark CVE-2021-41500/cvxopt as no-dsa for stretch
- - - - -
11c89e59 by Utkarsh Gupta at 2021-12-27T02:05:47+05:30
Mark CVE-2021-40393/gerbv as no-dsa for stretch
- - - - -
850567e9 by Utkarsh Gupta at 2021-12-27T02:06:19+05:30
Mark CVE-2021-40394/gerbv as no-dsa for stretch
- - - - -
a9b21452 by Utkarsh Gupta at 2021-12-27T02:08:08+05:30
Mark CVE-2021-44273/e2guardian as no-dsa for stretch
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4498,6 +4498,7 @@ CVE-2021-44274
RESERVED
CVE-2021-44273 (e2guardian v5.4.x <= v5.4.3r is affected by missing SSL
certificate ...)
- e2guardian <unfixed>
+ [stretch] - e2guardian <no-dsa> (Minor issue; can be fixed later)
NOTE: https://www.openwall.com/lists/oss-security/2021/12/23/2
NOTE: https://github.com/e2guardian/e2guardian/issues/707
NOTE: Fixed by:
https://github.com/e2guardian/e2guardian/commit/eae46a7e2a57103aadca903c4a24cca94dc502a2
@@ -14708,6 +14709,7 @@ CVE-2021-41500 (Incomplete string comparison
vulnerability exits in cvxopt.org c
- cvxopt 1.2.7+dfsg-1
[bullseye] - cvxopt <no-dsa> (Minor issue)
[buster] - cvxopt <no-dsa> (Minor issue)
+ [stretch] - cvxopt <no-dsa> (Minor issue)
NOTE: https://github.com/cvxopt/cvxopt/issues/193
CVE-2021-41499 (Buffer Overflow Vulnerability exists in ajaxsoundstudio.com n
Pyo < ...)
- python-pyo 1.0.4-1
@@ -17372,6 +17374,7 @@ CVE-2021-40394 (An out-of-bounds write vulnerability
exists in the RS-274X apert
- gerbv 2.8.1-1
[bullseye] - gerbv <no-dsa> (Minor issue)
[buster] - gerbv <no-dsa> (Minor issue)
+ [stretch] - gerbv <no-dsa> (Minor issue)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1405
NOTE: https://github.com/advisories/GHSA-936x-jwpc-5p28
NOTE:
https://github.com/gerbv/gerbv/commit/8d7e005f8783d92de74192af21303619bef7541f
(v2.8.1-rc.1)
@@ -17379,6 +17382,7 @@ CVE-2021-40393 (An out-of-bounds write vulnerability
exists in the RS-274X apert
- gerbv 2.8.2-1
[bullseye] - gerbv <no-dsa> (Minor issue)
[buster] - gerbv <no-dsa> (Minor issue)
+ [stretch] - gerbv <no-dsa> (Minor issue)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2021-1404
NOTE: https://github.com/advisories/GHSA-w67q-2hr6-7cjf
NOTE:
https://github.com/gerbv/gerbv/commit/4d12b696aed19fbcc115fe83aa7597b7c42ba8d6
(v2.8.2-rc.1)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8bb9e0bcdc8e9984f3712cb90a83617208f9a897...a9b2145212e125df955a2631fc7b87c449eed239
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/8bb9e0bcdc8e9984f3712cb90a83617208f9a897...a9b2145212e125df955a2631fc7b87c449eed239
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
