Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
64669bda by security tracker role at 2022-01-25T20:10:20+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,49 @@
+CVE-2022-23947
+       RESERVED
+CVE-2022-23946
+       RESERVED
+CVE-2022-23945 (Missing authentication on ShenYu Admin when register by HTTP. 
This iss ...)
+       TODO: check
+CVE-2022-23944 (User can access /plugin api without authentication. This issue 
affecte ...)
+       TODO: check
+CVE-2022-23943
+       RESERVED
+CVE-2022-23942
+       RESERVED
+CVE-2022-21184
+       RESERVED
+CVE-2022-0368
+       RESERVED
+CVE-2022-0367
+       RESERVED
+CVE-2022-0366
+       RESERVED
+CVE-2022-0365
+       RESERVED
+CVE-2022-0364
+       RESERVED
+CVE-2022-0363
+       RESERVED
+CVE-2022-0362
+       RESERVED
+CVE-2022-0361
+       RESERVED
+CVE-2022-0360
+       RESERVED
+CVE-2022-0359
+       RESERVED
+CVE-2022-0358
+       RESERVED
+CVE-2022-0357
+       RESERVED
+CVE-2022-0356
+       RESERVED
+CVE-2021-4215
+       RESERVED
+CVE-2021-4214
+       RESERVED
+CVE-2021-4213
+       RESERVED
 CVE-2022-23941
        RESERVED
 CVE-2022-23940
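Review bot: CVE-2022-23945 and CVE-2022-23944 at the top of this hunk arrive with descriptions (ShenYu Admin registration over HTTP, the /plugin api) but only "TODO: check" as status. Each should be resolved to a package line or a "NOT-FOR-US:" line, as other described entries in this file are. The remaining additions are RESERVED placeholders and need nothing yet.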
@@ -161,8 +207,8 @@ CVE-2022-23865
        RESERVED
 CVE-2022-0352
        RESERVED
-CVE-2022-0351
-       RESERVED
+CVE-2022-0351 (Access of Memory Location Before Start of Buffer in Conda vim 
prior to ...)
+       TODO: check
 CVE-2022-0350
        RESERVED
 CVE-2022-0349
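Review bot: the new description for CVE-2022-0351 reads "Conda vim prior to ...", which names the distribution channel the reporter used, not a separate product. When this "TODO: check" is triaged, match it against the vim source package instead of treating "Conda" as the product name. The visible text is cut before the fixed version, so take that from the full CVE description.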
@@ -535,8 +581,8 @@ CVE-2022-23849
        RESERVED
 CVE-2022-0339
        RESERVED
-CVE-2022-0338
-       RESERVED
+CVE-2022-0338 (Improper Privilege Management in Conda loguru prior to 0.5.3. 
...)
+       TODO: check
 CVE-2022-23848
        RESERVED
 CVE-2022-23847
@@ -1878,8 +1924,8 @@ CVE-2022-0270
        RESERVED
 CVE-2022-0269 (Cross-Site Request Forgery (CSRF) in Packagist 
yetiforce/yetiforce-crm ...)
        TODO: check
-CVE-2022-0268
-       RESERVED
+CVE-2022-0268 (Cross-site Scripting (XSS) - Stored in Packagist getgrav/grav 
prior to ...)
+       TODO: check
 CVE-2022-0267
        RESERVED
 CVE-2021-46399
@@ -2366,8 +2412,8 @@ CVE-2022-23225
        RESERVED
 CVE-2022-23224
        RESERVED
-CVE-2022-23223
-       RESERVED
+CVE-2022-23223 (The HTTP response will disclose the user password. This issue 
affected ...)
+       TODO: check
 CVE-2022-23221 (H2 Console before 2.1.210 allows remote attackers to execute 
arbitrary ...)
        - h2database <unfixed>
        NOTE: 
https://github.com/h2database/h2database/releases/tag/version-2.1.210
@@ -2996,20 +3042,17 @@ CVE-2022-23037
        RESERVED
 CVE-2022-23036
        RESERVED
-CVE-2022-23035
-       RESERVED
+CVE-2022-23035 (Insufficient cleanup of passed-through device IRQs The 
management of I ...)
        - xen <unfixed>
        [buster] - xen <end-of-life> (DSA 4677-1)
        [stretch] - xen <end-of-life> (DSA 4602-1)
        NOTE: https://xenbits.xen.org/xsa/advisory-395.html
-CVE-2022-23034
-       RESERVED
+CVE-2022-23034 (A PV guest could DoS Xen while unmapping a grant To address 
XSA-380, r ...)
        - xen <unfixed>
        [buster] - xen <end-of-life> (DSA 4677-1)
        [stretch] - xen <end-of-life> (DSA 4602-1)
        NOTE: https://xenbits.xen.org/xsa/advisory-394.html
-CVE-2022-23033
-       RESERVED
+CVE-2022-23033 (arm: guest_physmap_remove_page not removing the p2m mappings 
The funct ...)
        - xen <unfixed>
        [buster] - xen <end-of-life> (DSA 4677-1)
        [stretch] - xen <end-of-life> (DSA 4602-1)
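Review bot: only the description lines change for CVE-2022-23035, CVE-2022-23034 and CVE-2022-23033; every status line is untouched, so all three still read "- xen <unfixed>" with buster and stretch marked <end-of-life>. Now that the descriptions are public, these entries want a follow-up once a fixed xen upload exists, checked against the XSA advisories linked in the NOTE lines.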
@@ -3978,7 +4021,7 @@ CVE-2022-22748
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2022-03/#CVE-2022-22748
 CVE-2022-22747
        RESERVED
-       {DSA-5045-1 DSA-5044-1 DLA-2881-1 DLA-2880-1}
+       {DSA-5045-1 DSA-5044-1 DLA-2898-1 DLA-2881-1 DLA-2880-1}
        - nss 2:3.73-1
        - firefox 96.0-1
        - firefox-esr 91.5.0esr-1
@@ -5352,8 +5395,8 @@ CVE-2021-46115
        RESERVED
 CVE-2021-46114
        RESERVED
-CVE-2021-46113
-       RESERVED
+CVE-2021-46113 (In MartDevelopers KEA-Hotel-ERP open source as of 12-31-2021, 
a remote ...)
+       TODO: check
 CVE-2021-46112
        RESERVED
 CVE-2021-46111
@@ -5400,20 +5443,20 @@ CVE-2021-46091
        RESERVED
 CVE-2021-46090
        RESERVED
-CVE-2021-46089
-       RESERVED
+CVE-2021-46089 (In JeecgBoot 3.0, there is a SQL injection vulnerability that 
can oper ...)
+       TODO: check
 CVE-2021-46088
        RESERVED
-CVE-2021-46087
-       RESERVED
-CVE-2021-46086
-       RESERVED
-CVE-2021-46085
-       RESERVED
-CVE-2021-46084
-       RESERVED
-CVE-2021-46083
-       RESERVED
+CVE-2021-46087 (In jfinal_cms &gt;= 5.1 0, there is a storage XSS 
vulnerability in the ...)
+       TODO: check
+CVE-2021-46086 (xzs-mysql &gt;= t3.4.0 is vulnerable to Insecure Permissions. 
The fron ...)
+       TODO: check
+CVE-2021-46085 (OneBlog &lt;= 2.2.8 is vulnerable to Insecure Permissions. Low 
level a ...)
+       TODO: check
+CVE-2021-46084 (uscat, as of 2021-12-28, is vulnerable to Cross Site Scripting 
(XSS) v ...)
+       TODO: check
+CVE-2021-46083 (uscat, as of 2021-12-28, is vulnerable to Cross Site Scripting 
(XSS) v ...)
+       TODO: check
 CVE-2021-46082
        RESERVED
 CVE-2021-46081
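Review bot: the version operators in three of the new descriptions need a second look during triage. CVE-2021-46087 ("jfinal_cms >= 5.1 0", with a stray space inside the version) and CVE-2021-46086 ("xzs-mysql >= t3.4.0") give an open-ended lower bound, while CVE-2021-46085 gives "OneBlog <= 2.2.8". The text is truncated here, so read the full description before recording an affected range. The operators show up as &gt; and &lt; entities in this notification.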
@@ -5552,10 +5595,10 @@ CVE-2021-46036
        RESERVED
 CVE-2021-46035
        RESERVED
-CVE-2021-46034
-       RESERVED
-CVE-2021-46033
-       RESERVED
+CVE-2021-46034 (A problem was found in ForestBlog, as of 2021-12-29, there is 
a XSS vu ...)
+       TODO: check
+CVE-2021-46033 (In ForestBlog, as of 2021-12-28, File upload can bypass 
verification. ...)
+       TODO: check
 CVE-2021-46032
        RESERVED
 CVE-2021-46031
@@ -6350,14 +6393,14 @@ CVE-2021-45849
        RESERVED
 CVE-2021-45848
        RESERVED
-CVE-2021-45847
-       RESERVED
-CVE-2021-45846
-       RESERVED
-CVE-2021-45845
-       RESERVED
-CVE-2021-45844
-       RESERVED
+CVE-2021-45847 (Several missing input validations in the 3MF parser component 
of Slic3 ...)
+       TODO: check
+CVE-2021-45846 (A flaw in the AMF parser of Slic3r libslic3r 1.3.0 allows an 
attacker  ...)
+       TODO: check
+CVE-2021-45845 (The Path Sanity Check script of FreeCAD 0.19 is vulnerable to 
OS comma ...)
+       TODO: check
+CVE-2021-45844 (Improper sanitization in the invocation of ODA File Converter 
from Fre ...)
+       TODO: check
 CVE-2021-45843 (glFusion CMS v1.7.9 is affected by a reflected Cross Site 
Scripting (X ...)
        NOT-FOR-US: glFusion CMS
 CVE-2021-45842
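Review bot: CVE-2021-45847 through CVE-2021-45844 name Slic3r libslic3r and FreeCAD 0.19, both of which Debian packages, so these four "TODO: check" entries are candidates for package lines and not for a NOT-FOR-US disposition like the glFusion entry that follows. The FreeCAD pair concerns the Path Sanity Check script and the invocation of ODA File Converter; the visible text is cut off, so take the affected versions from the full descriptions.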
@@ -6440,10 +6483,10 @@ CVE-2021-45805
        RESERVED
 CVE-2021-45804
        RESERVED
-CVE-2021-45803
-       RESERVED
-CVE-2021-45802
-       RESERVED
+CVE-2021-45803 (MartDevelopers iResturant 1.0 is vulnerable to SQL Injection. 
SQL Inje ...)
+       TODO: check
+CVE-2021-45802 (MartDevelopers iResturant 1.0 is vulnerable to SQL Injection. 
SQL Inje ...)
+       TODO: check
 CVE-2021-45801
        RESERVED
 CVE-2021-45800
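Review bot: CVE-2021-45803 and CVE-2021-45802 have identical visible descriptions ("MartDevelopers iResturant 1.0 is vulnerable to SQL Injection. SQL Inje ..."). Compare the full texts to confirm they are distinct issues and not a duplicate assignment, and apply whatever disposition triage picks to both in one pass.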
@@ -8002,14 +8045,14 @@ CVE-2021-45345
        RESERVED
 CVE-2021-45344
        RESERVED
-CVE-2021-45343
-       RESERVED
-CVE-2021-45342
-       RESERVED
-CVE-2021-45341
-       RESERVED
-CVE-2021-45340
-       RESERVED
+CVE-2021-45343 (In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH 
handling of ...)
+       TODO: check
+CVE-2021-45342 (A buffer overflow vulnerability in CDataList of the jwwlib 
component o ...)
+       TODO: check
+CVE-2021-45341 (A buffer overflow vulnerability in CDataMoji of the jwwlib 
component o ...)
+       TODO: check
+CVE-2021-45340 (In Libsixel prior to and including v1.10.3, a NULL pointer 
dereference ...)
+       TODO: check
 CVE-2021-45339 (Privilege escalation vulnerability in Avast Antivirus prior to 
20.4 al ...)
        NOT-FOR-US: Avast Antivirus
 CVE-2021-45338 (Multiple privilege escalation vulnerabilities in Avast 
Antivirus prior ...)
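Review bot: for CVE-2021-45342 and CVE-2021-45341 the truncation at "of the jwwlib component o ..." hides which product ships jwwlib, so the visible lines alone do not say which source package they belong to. CVE-2021-45343 names LibreCAD 2.2.0 and CVE-2021-45340 names Libsixel up to v1.10.3; check the full descriptions of the two jwwlib entries before assigning them, and do not assume they follow the LibreCAD entry above them.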
@@ -9327,8 +9370,8 @@ CVE-2021-45031
        RESERVED
 CVE-2021-45030
        RESERVED
-CVE-2021-45029
-       RESERVED
+CVE-2021-45029 (Groovy Code Injection &amp; SpEL Injection which lead to 
Remote Code E ...)
+       TODO: check
 CVE-2021-45028
        RESERVED
 CVE-2021-45027
@@ -11269,6 +11312,7 @@ CVE-2021-44354
        RESERVED
 CVE-2021-4034
        RESERVED
+       {DSA-5059-1 DLA-2899-1}
        - policykit-1 0.105-31.1
        NOTE: https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt
        NOTE: 
https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683
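Review bot: the added cross-reference "{DSA-5059-1 DLA-2899-1}" sits under an entry that still reads RESERVED, although the NOTE lines already point at a public advisory and an upstream commit. Any consumer of this file that skips RESERVED entries will miss an issue that has advisories and a fixed version ("- policykit-1 0.105-31.1"). Such tooling should key on the package and cross-reference lines, not on the RESERVED marker.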
@@ -12585,8 +12629,8 @@ CVE-2022-21699 (IPython (Interactive Python) is a 
command shell for interactive
        NOTE: 
https://ipython.readthedocs.io/en/stable/whatsnew/version8.html#ipython-8-0-1-cve-2022-21699
 CVE-2022-21698
        RESERVED
-CVE-2022-21697
-       RESERVED
+CVE-2022-21697 (Jupyter Server Proxy is a Jupyter notebook server extension to 
proxy w ...)
+       TODO: check
 CVE-2022-21696 (OnionShare is an open source tool that lets you securely and 
anonymous ...)
        - onionshare <unfixed>
        NOTE: 
https://github.com/onionshare/onionshare/security/advisories/GHSA-68vr-8f46-vc9f
@@ -12930,8 +12974,8 @@ CVE-2021-43865
        RESERVED
 CVE-2021-43864
        RESERVED
-CVE-2021-43863
-       RESERVED
+CVE-2021-43863 (The Nextcloud Android app is the Android client for Nextcloud, 
a self- ...)
+       TODO: check
 CVE-2021-43862 (jQuery Terminal Emulator is a plugin for creating command line 
interpr ...)
        NOT-FOR-US: jQuery Terminal Emulator
 CVE-2021-43861 (Mermaid is a Javascript based diagramming and charting tool 
that uses  ...)
@@ -13730,11 +13774,11 @@ CVE-2022-21367 (Vulnerability in the MySQL Server 
product of Oracle MySQL (compo
        - mysql-5.7 <removed>
        - mysql-8.0 <unfixed>
 CVE-2022-21366 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
-       {DSA-5057-1}
+       {DSA-5058-1 DSA-5057-1}
        - openjdk-11 11.0.14+9-1
        - openjdk-17 17.0.2+8-1
 CVE-2022-21365 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
-       {DSA-5057-1}
+       {DSA-5058-1 DSA-5057-1}
        - openjdk-8 <unfixed>
        - openjdk-11 11.0.14+9-1
        - openjdk-17 17.0.2+8-1
@@ -13747,7 +13791,7 @@ CVE-2022-21362 (Vulnerability in the MySQL Server 
product of Oracle MySQL (compo
 CVE-2022-21361 (Vulnerability in the Oracle WebLogic Server product of Oracle 
Fusion M ...)
        NOT-FOR-US: Oracle
 CVE-2022-21360 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
-       {DSA-5057-1}
+       {DSA-5058-1 DSA-5057-1}
        - openjdk-8 <unfixed>
        - openjdk-11 11.0.14+9-1
        - openjdk-17 17.0.2+8-1
@@ -13789,12 +13833,12 @@ CVE-2022-21343
 CVE-2022-21342 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        - mysql-8.0 <unfixed>
 CVE-2022-21341 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
-       {DSA-5057-1}
+       {DSA-5058-1 DSA-5057-1}
        - openjdk-8 <unfixed>
        - openjdk-11 11.0.14+9-1
        - openjdk-17 17.0.2+8-1
 CVE-2022-21340 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
-       {DSA-5057-1}
+       {DSA-5058-1 DSA-5057-1}
        - openjdk-8 <unfixed>
        - openjdk-11 11.0.14+9-1
        - openjdk-17 17.0.2+8-1
@@ -13867,7 +13911,7 @@ CVE-2022-21307 (Vulnerability in the MySQL Cluster 
product of Oracle MySQL (comp
 CVE-2022-21306 (Vulnerability in the Oracle WebLogic Server product of Oracle 
Fusion M ...)
        NOT-FOR-US: Oracle
 CVE-2022-21305 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
-       {DSA-5057-1}
+       {DSA-5058-1 DSA-5057-1}
        - openjdk-8 <unfixed>
        - openjdk-11 11.0.14+9-1
        - openjdk-17 17.0.2+8-1
@@ -13884,7 +13928,7 @@ CVE-2022-21301 (Vulnerability in the MySQL Server 
product of Oracle MySQL (compo
 CVE-2022-21300 (Vulnerability in the PeopleSoft Enterprise CS SA Integration 
Pack prod ...)
        NOT-FOR-US: Oracle
 CVE-2022-21299 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
-       {DSA-5057-1}
+       {DSA-5058-1 DSA-5057-1}
        - openjdk-8 <unfixed>
        - openjdk-11 11.0.14+9-1
        - openjdk-17 17.0.2+8-1
@@ -13893,26 +13937,26 @@ CVE-2022-21298 (Vulnerability in the Oracle Solaris 
product of Oracle Systems (c
 CVE-2022-21297 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        - mysql-8.0 <unfixed>
 CVE-2022-21296 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
-       {DSA-5057-1}
+       {DSA-5058-1 DSA-5057-1}
        - openjdk-8 <unfixed>
        - openjdk-11 11.0.14+9-1
        - openjdk-17 17.0.2+8-1
 CVE-2022-21295 (Vulnerability in the Oracle VM VirtualBox product of Oracle 
Virtualiza ...)
        - virtualbox <not-affected> (Windows-specific)
 CVE-2022-21294 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
-       {DSA-5057-1}
+       {DSA-5058-1 DSA-5057-1}
        - openjdk-8 <unfixed>
        - openjdk-11 11.0.14+9-1
        - openjdk-17 17.0.2+8-1
 CVE-2022-21293 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
-       {DSA-5057-1}
+       {DSA-5058-1 DSA-5057-1}
        - openjdk-8 <unfixed>
        - openjdk-11 11.0.14+9-1
        - openjdk-17 17.0.2+8-1
 CVE-2022-21292 (Vulnerability in the Oracle WebLogic Server product of Oracle 
Fusion M ...)
        NOT-FOR-US: Oracle
 CVE-2022-21291 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
-       {DSA-5057-1}
+       {DSA-5058-1 DSA-5057-1}
        - openjdk-8 <unfixed>
        - openjdk-11 11.0.14+9-1
        - openjdk-17 17.0.2+8-1
@@ -13931,11 +13975,11 @@ CVE-2022-21285 (Vulnerability in the MySQL Cluster 
product of Oracle MySQL (comp
 CVE-2022-21284 (Vulnerability in the MySQL Cluster product of Oracle MySQL 
(component: ...)
        NOT-FOR-US: MySQL Cluster
 CVE-2022-21283 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
-       {DSA-5057-1}
+       {DSA-5058-1 DSA-5057-1}
        - openjdk-11 11.0.14+9-1
        - openjdk-17 17.0.2+8-1
 CVE-2022-21282 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
-       {DSA-5057-1}
+       {DSA-5058-1 DSA-5057-1}
        - openjdk-8 <unfixed>
        - openjdk-11 11.0.14+9-1
        - openjdk-17 17.0.2+8-1
@@ -13948,7 +13992,7 @@ CVE-2022-21279 (Vulnerability in the MySQL Cluster 
product of Oracle MySQL (comp
 CVE-2022-21278 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        - mysql-8.0 <unfixed>
 CVE-2022-21277 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
-       {DSA-5057-1}
+       {DSA-5058-1 DSA-5057-1}
        - openjdk-11 11.0.14+9-1
        - openjdk-17 17.0.2+8-1
 CVE-2022-21276 (Vulnerability in the Oracle Communications Billing and Revenue 
Managem ...)
@@ -14010,7 +14054,7 @@ CVE-2022-21250 (Vulnerability in the Oracle Trade 
Management product of Oracle E
 CVE-2022-21249 (Vulnerability in the MySQL Server product of Oracle MySQL 
(component:  ...)
        - mysql-8.0 <unfixed>
 CVE-2022-21248 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise 
Edition ...)
-       {DSA-5057-1}
+       {DSA-5058-1 DSA-5057-1}
        - openjdk-8 <unfixed>
        - openjdk-11 11.0.14+9-1
        - openjdk-17 17.0.2+8-1
@@ -20992,8 +21036,8 @@ CVE-2021-41851
        RESERVED
 CVE-2021-3851 (firefly-iii is vulnerable to URL Redirection to Untrusted Site 
...)
        NOT-FOR-US: firefly-iii
-CVE-2021-3850
-       RESERVED
+CVE-2021-3850 (Authentication Bypass by Primary Weakness in GitHub repository 
adodb/a ...)
+       TODO: check
 CVE-2021-3849
        RESERVED
 CVE-2021-41850
@@ -27989,8 +28033,8 @@ CVE-2021-39033
        RESERVED
 CVE-2021-39032 (IBM Sterling Gentran:Server for Microsoft Windows 5.3 stores 
potential ...)
        NOT-FOR-US: IBM
-CVE-2021-39031
-       RESERVED
+CVE-2021-39031 (IBM WebSphere Application Server - Liberty 17.0.0.3 through 
22.0.0.1 c ...)
+       TODO: check
 CVE-2021-39030
        RESERVED
 CVE-2021-39029
@@ -38092,23 +38136,22 @@ CVE-2021-34872 (This vulnerability allows remote 
attackers to execute arbitrary
        NOT-FOR-US: Bentley View
 CVE-2021-34871 (This vulnerability allows remote attackers to execute 
arbitrary code o ...)
        NOT-FOR-US: Bentley View
-CVE-2021-34870
-       RESERVED
-CVE-2021-34869
-       RESERVED
-CVE-2021-34868
-       RESERVED
-CVE-2021-34867
-       RESERVED
-CVE-2021-34866
-       RESERVED
+CVE-2021-34870 (This vulnerability allows network-adjacent attackers to 
disclose sensi ...)
+       TODO: check
+CVE-2021-34869 (This vulnerability allows local attackers to escalate 
privileges on af ...)
+       TODO: check
+CVE-2021-34868 (This vulnerability allows local attackers to escalate 
privileges on af ...)
+       TODO: check
+CVE-2021-34867 (This vulnerability allows local attackers to escalate 
privileges on af ...)
+       TODO: check
+CVE-2021-34866 (This vulnerability allows local attackers to escalate 
privileges on af ...)
        - linux 5.14.6-1
        [bullseye] - linux 5.10.70-1
        [buster] - linux <not-affected> (Vulnerable code introduced later)
        [stretch] - linux <not-affected> (Vulnerable code introduced later)
        NOTE: Fixed by: 
https://git.kernel.org/linus/5b029a32cfe4600f5e10e36b41778506b90fd4de (5.14)
-CVE-2021-34865
-       RESERVED
+CVE-2021-34865 (This vulnerability allows network-adjacent attackers to bypass 
authent ...)
+       TODO: check
 CVE-2021-34864 (This vulnerability allows local attackers to escalate 
privileges on af ...)
        NOT-FOR-US: Parallels Desktop
 CVE-2021-34863 (This vulnerability allows network-adjacent attackers to 
execute arbitr ...)
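Review bot: CVE-2021-34869, CVE-2021-34868 and CVE-2021-34867 receive the same truncated description ("This vulnerability allows local attackers to escalate privileges on af ...") as CVE-2021-34866, which is tracked against linux, and as CVE-2021-34864 in the trailing context, which is "NOT-FOR-US: Parallels Desktop". The visible text therefore cannot tell the products apart. Triage of the five new "TODO: check" entries has to use the full descriptions and must not copy the disposition of a neighbour.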
@@ -47862,6 +47905,7 @@ CVE-2021-30986 (A device configuration issue was 
addressed with an updated confi
 CVE-2021-30985 (An out-of-bounds write issue was addressed with improved 
bounds checki ...)
        NOT-FOR-US: Apple
 CVE-2021-30984 (A race condition was addressed with improved state handling. 
This issu ...)
+       {DSA-5061-1 DSA-5060-1}
        - webkit2gtk 2.34.4-1
        [stretch] - webkit2gtk <ignored> (Not covered by security support in 
stretch)
        - wpewebkit 2.34.4-1
@@ -47925,21 +47969,25 @@ CVE-2021-30956
 CVE-2021-30955 (A race condition was addressed with improved state handling. 
This issu ...)
        NOT-FOR-US: Apple
 CVE-2021-30954 (A type confusion issue was addressed with improved memory 
handling. Th ...)
+       {DSA-5061-1 DSA-5060-1}
        - webkit2gtk 2.34.4-1
        [stretch] - webkit2gtk <ignored> (Not covered by security support in 
stretch)
        - wpewebkit 2.34.4-1
        NOTE: https://webkitgtk.org/security/WSA-2022-0001.html
 CVE-2021-30953 (An out-of-bounds read was addressed with improved bounds 
checking. Thi ...)
+       {DSA-5061-1 DSA-5060-1}
        - webkit2gtk 2.34.4-1
        [stretch] - webkit2gtk <ignored> (Not covered by security support in 
stretch)
        - wpewebkit 2.34.4-1
        NOTE: https://webkitgtk.org/security/WSA-2022-0001.html
 CVE-2021-30952 (An integer overflow was addressed with improved input 
validation. This ...)
+       {DSA-5061-1 DSA-5060-1}
        - webkit2gtk 2.34.4-1
        [stretch] - webkit2gtk <ignored> (Not covered by security support in 
stretch)
        - wpewebkit 2.34.4-1
        NOTE: https://webkitgtk.org/security/WSA-2022-0001.html
 CVE-2021-30951 (A use after free issue was addressed with improved memory 
management.  ...)
+       {DSA-5061-1 DSA-5060-1}
        - webkit2gtk 2.34.4-1
        [stretch] - webkit2gtk <ignored> (Not covered by security support in 
stretch)
        - wpewebkit 2.34.4-1
@@ -47973,6 +48021,7 @@ CVE-2021-30938 (This issue was addressed with improved 
checks. This issue is fix
 CVE-2021-30937 (A memory corruption vulnerability was addressed with improved 
locking. ...)
        NOT-FOR-US: Apple
 CVE-2021-30936 (A use after free issue was addressed with improved memory 
management.  ...)
+       {DSA-5061-1 DSA-5060-1}
        - webkit2gtk 2.34.4-1
        [stretch] - webkit2gtk <ignored> (Not covered by security support in 
stretch)
        - wpewebkit 2.34.4-1
@@ -47980,6 +48029,7 @@ CVE-2021-30936 (A use after free issue was addressed 
with improved memory manage
 CVE-2021-30935 (A logic issue was addressed with improved validation. This 
issue is fi ...)
        NOT-FOR-US: Apple
 CVE-2021-30934 (A buffer overflow issue was addressed with improved memory 
handling. T ...)
+       {DSA-5061-1 DSA-5060-1}
        - webkit2gtk 2.34.4-1
        [stretch] - webkit2gtk <ignored> (Not covered by security support in 
stretch)
        - wpewebkit 2.34.4-1



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64669bdae353b81d0d0737e0324691758f08bce0



_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits