[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Mon, 27 Dec 2021 00:10:31 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
0f62dde9 by security tracker role at 2021-12-27T08:10:10+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,141 @@
+CVE-2021-45720 (An issue was discovered in the lru crate before 0.7.1 for 
Rust. The it ...)
+       TODO: check
+CVE-2021-45719 (An issue was discovered in the rusqlite crate 0.25.x before 
0.25.4 and ...)
+       TODO: check
+CVE-2021-45718 (An issue was discovered in the rusqlite crate 0.25.x before 
0.25.4 and ...)
+       TODO: check
+CVE-2021-45717 (An issue was discovered in the rusqlite crate 0.25.x before 
0.25.4 and ...)
+       TODO: check
+CVE-2021-45716 (An issue was discovered in the rusqlite crate 0.25.x before 
0.25.4 and ...)
+       TODO: check
+CVE-2021-45715 (An issue was discovered in the rusqlite crate 0.25.x before 
0.25.4 and ...)
+       TODO: check
+CVE-2021-45714 (An issue was discovered in the rusqlite crate 0.25.x before 
0.25.4 and ...)
+       TODO: check
+CVE-2021-45713 (An issue was discovered in the rusqlite crate 0.25.x before 
0.25.4 and ...)
+       TODO: check
+CVE-2021-45712 (An issue was discovered in the rust-embed crate before 6.3.0 
for Rust. ...)
+       TODO: check
+CVE-2021-45711 (An issue was discovered in the simple_asn1 crate 0.6.0 before 
0.6.1 fo ...)
+       TODO: check
+CVE-2021-45710 (An issue was discovered in the tokio crate before 1.8.4, and 
1.9.x thr ...)
+       TODO: check
+CVE-2021-45709 (An issue was discovered in the crypto2 crate through 
2021-10-08 for Ru ...)
+       TODO: check
+CVE-2021-45708 (An issue was discovered in the abomonation crate through 
2021-10-17 fo ...)
+       TODO: check
+CVE-2021-45707 (An issue was discovered in the nix crate before 0.20.2, 0.21.x 
before  ...)
+       TODO: check
+CVE-2021-45706 (An issue was discovered in the zeroize_derive crate before 
1.1.1 for R ...)
+       TODO: check
+CVE-2021-45705 (An issue was discovered in the nanorand crate before 0.6.1 for 
Rust. T ...)
+       TODO: check
+CVE-2021-45704 (An issue was discovered in the metrics-util crate before 0.7.0 
for Rus ...)
+       TODO: check
+CVE-2021-45703 (An issue was discovered in the tectonic_xdv crate before 
0.1.12 for Ru ...)
+       TODO: check
+CVE-2021-45702 (An issue was discovered in the tremor-script crate before 
0.11.6 for R ...)
+       TODO: check
+CVE-2021-45701 (An issue was discovered in the tremor-script crate before 
0.11.6 for R ...)
+       TODO: check
+CVE-2021-45700 (An issue was discovered in the ckb crate before 0.40.0 for 
Rust. Attac ...)
+       TODO: check
+CVE-2021-45699 (An issue was discovered in the ckb crate before 0.40.0 for 
Rust. Remot ...)
+       TODO: check
+CVE-2021-45698 (An issue was discovered in the ckb crate before 0.40.0 for 
Rust. A get ...)
+       TODO: check
+CVE-2021-45697 (An issue was discovered in the molecule crate before 0.7.2 for 
Rust. A ...)
+       TODO: check
+CVE-2021-45696 (An issue was discovered in the sha2 crate 0.9.7 before 0.9.8 
for Rust. ...)
+       TODO: check
+CVE-2021-45695 (An issue was discovered in the mopa crate through 2021-06-01 
for Rust. ...)
+       TODO: check
+CVE-2021-45694 (An issue was discovered in the rdiff crate through 2021-02-03 
for Rust ...)
+       TODO: check
+CVE-2021-45693 (An issue was discovered in the messagepack-rs crate through 
2021-01-26 ...)
+       TODO: check
+CVE-2021-45692 (An issue was discovered in the messagepack-rs crate through 
2021-01-26 ...)
+       TODO: check
+CVE-2021-45691 (An issue was discovered in the messagepack-rs crate through 
2021-01-26 ...)
+       TODO: check
+CVE-2021-45690 (An issue was discovered in the messagepack-rs crate through 
2021-01-26 ...)
+       TODO: check
+CVE-2021-45689 (An issue was discovered in the gfx-auxil crate through 
2021-01-07 for  ...)
+       TODO: check
+CVE-2021-45688 (An issue was discovered in the ash crate before 0.33.1 for 
Rust. util: ...)
+       TODO: check
+CVE-2021-45687 (An issue was discovered in the raw-cpuid crate before 9.1.1 
for Rust.  ...)
+       TODO: check
+CVE-2021-45686 (An issue was discovered in the csv-sniffer crate through 
2021-01-05 fo ...)
+       TODO: check
+CVE-2021-45685 (An issue was discovered in the columnar crate through 
2021-01-07 for R ...)
+       TODO: check
+CVE-2021-45684 (An issue was discovered in the flumedb crate through 
2021-01-07 for Ru ...)
+       TODO: check
+CVE-2021-45683 (An issue was discovered in the binjs_io crate through 
2021-01-03 for R ...)
+       TODO: check
+CVE-2021-45682 (An issue was discovered in the bronzedb-protocol crate through 
2021-01 ...)
+       TODO: check
+CVE-2021-45681 (An issue was discovered in the derive-com-impl crate before 
0.1.2 for  ...)
+       TODO: check
+CVE-2021-45680 (An issue was discovered in the vec-const crate before 2.0.0 
for Rust.  ...)
+       TODO: check
+CVE-2021-45111
+       RESERVED
+CVE-2021-45071
+       RESERVED
+CVE-2021-44547
+       RESERVED
+CVE-2021-44476
+       RESERVED
+CVE-2021-44475
+       RESERVED
+CVE-2021-44461
+       RESERVED
+CVE-2021-44460
+       RESERVED
+CVE-2021-4178
+       RESERVED
+CVE-2021-4177
+       RESERVED
+CVE-2021-4176
+       RESERVED
+CVE-2021-4175
+       RESERVED
+CVE-2021-26947
+       RESERVED
+CVE-2021-23186
+       RESERVED
+CVE-2021-23178
+       RESERVED
+CVE-2021-23176
+       RESERVED
+CVE-2021-23166
+       RESERVED
+CVE-2020-36514 (An issue was discovered in the acc_reader crate through 
2020-12-27 for ...)
+       TODO: check
+CVE-2020-36513 (An issue was discovered in the acc_reader crate through 
2020-12-27 for ...)
+       TODO: check
+CVE-2020-36512 (An issue was discovered in the buffoon crate through 
2020-12-31 for Ru ...)
+       TODO: check
+CVE-2020-36511 (An issue was discovered in the bite crate through 2020-12-31 
for Rust. ...)
+       TODO: check
+CVE-2019-25055 (An issue was discovered in the libpulse-binding crate before 
2.6.0 for ...)
+       TODO: check
+CVE-2019-25054 (An issue was discovered in the pnet crate before 0.27.2 for 
Rust. Ther ...)
+       TODO: check
+CVE-2018-25028 (An issue was discovered in the libpulse-binding crate before 
1.2.1 for ...)
+       TODO: check
+CVE-2018-25027 (An issue was discovered in the libpulse-binding crate before 
1.2.1 for ...)
+       TODO: check
+CVE-2018-25026 (An issue was discovered in the actix-web crate before 0.7.15 
for Rust. ...)
+       TODO: check
+CVE-2018-25025 (An issue was discovered in the actix-web crate before 0.7.15 
for Rust. ...)
+       TODO: check
+CVE-2018-25024 (An issue was discovered in the actix-web crate before 0.7.15 
for Rust. ...)
+       TODO: check
+CVE-2018-25023 (An issue was discovered in the smallvec crate before 0.6.13 
for Rust.  ...)
+       TODO: check
 CVE-2021-4174
        RESERVED
 CVE-2021-4173
@@ -2013,7 +2151,7 @@ CVE-2022-21945
 CVE-2022-21944
        RESERVED
 CVE-2021-45105 (Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 
2.12.3) di ...)
-       {DSA-5024-1}
+       {DSA-5024-1 DLA-2852-1}
        - apache-log4j2 2.17.0-1 (bug #1001891)
        NOTE: https://logging.apache.org/log4j/2.x/security.html#CVE-2021-45105
        NOTE: https://issues.apache.org/jira/browse/LOG4J2-3230
@@ -13919,6 +14057,7 @@ CVE-2021-41820
        RESERVED
 CVE-2021-41819 [Cookie Prefix Spoofing in CGI::Cookie.parse]
        RESERVED
+       {DLA-2853-1}
        - ruby3.0 <unfixed>
        - ruby2.7 2.7.5-1
        - ruby2.5 <removed>
@@ -13930,6 +14069,7 @@ CVE-2021-41818
        RESERVED
 CVE-2021-41817 [Regular Expression Denial of Service Vulnerability of Date 
Parsing Methods]
        RESERVED
+       {DLA-2853-1}
        - ruby3.0 <unfixed>
        - ruby2.7 2.7.5-1
        - ruby2.5 <removed>
@@ -125413,6 +125553,7 @@ CVE-2020-9489 (A carefully crafted or corrupt file 
may trigger a System.exit in
        [jessie] - tika <ignored> (the fix is too invasive to backport)
        NOTE: https://www.openwall.com/lists/oss-security/2020/04/24/1
 CVE-2020-9488 (Improper validation of certificate with host mismatch in Apache 
Log4j  ...)
+       {DLA-2852-1}
        - apache-log4j2 2.13.3-1 (bug #959450)
        [buster] - apache-log4j2 2.15.0-1~deb10u1
        [jessie] - apache-log4j2 <no-dsa> (Minor issue; set 
mail.smtp.ssl.checkserveridentity to true to enable hostname verification)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0f62dde9629170452511821da87828875b6bc860

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0f62dde9629170452511821da87828875b6bc860
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to