Neil Williams pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3e17fe4e by Neil Williams at 2022-02-14T10:59:31+00:00
Update other Flask-AppBuilder CVEs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -16655,7 +16655,9 @@ CVE-2022-21661 (WordPress is a free and open-source
content management system wr
CVE-2022-21660 (Gin-vue-admin is a backstage management system based on vue
and gin. I ...)
TODO: check
CVE-2022-21659 (Flask-AppBuilder is an application development framework,
built on top ...)
- TODO: check
+ - flask-appbuilder <itp> (bug #998029)
+ NOTE: https://github.com/dpgaspar/Flask-AppBuilder/pull/1775
+ NOTE:
https://github.com/dpgaspar/Flask-AppBuilder/commit/e2b744c258ff62ece9d5ac7172c3b4644ff4c2fe
(3.4.4)
CVE-2022-21658 (Rust is a multi-paradigm, general-purpose programming language
designe ...)
- rustc <unfixed>
[bullseye] - rustc <no-dsa> (Minor issue)
@@ -47142,7 +47144,8 @@ CVE-2021-32807 (The module `AccessControl` defines
security policies for Python
CVE-2021-32806 (Products.isurlinportal is a replacement for isURLInPortal
method in Pl ...)
NOT-FOR-US: Plone
CVE-2021-32805 (Flask-AppBuilder is an application development framework,
built on top ...)
- NOT-FOR-US: Flask-AppBuilder
+ - flask-appbuilder <itp> (bug #998029)
+ NOTE:
https://github.com/dpgaspar/Flask-AppBuilder/commit/6af28521589599b1dbafd6313256229ee9a4fa74
(3.3.4)
CVE-2021-32804 (The npm package "tar" (aka node-tar) before versions 6.1.1,
5.0.6, 4.4 ...)
- node-tar 6.1.7+~cs11.3.10-1 (bug #992111)
[bullseye] - node-tar 6.0.5+ds1+~cs11.3.9-1+deb11u1
@@ -55802,7 +55805,8 @@ CVE-2021-29622 (Prometheus is an open-source monitoring
system and time series d
NOTE: The vulnerability itself is introduced with 2.23.0 upstream.
NOTE: See https://bugs.debian.org/988804 for details.
CVE-2021-29621 (Flask-AppBuilder is a development framework, built on top of
Flask. Us ...)
- NOT-FOR-US: Flask-AppBuilder
+ - flask-appbuilder <itp> (bug #998029)
+ NOTE:
https://github.com/dpgaspar/Flask-AppBuilder/commit/780bd0e8fbf2d36ada52edb769477e0a4edae580
(3.3.4)
CVE-2021-29620 (Report portal is an open source reporting and analysis
framework. Star ...)
NOT-FOR-US: Report portal
CVE-2021-29619 (TensorFlow is an end-to-end open source platform for machine
learning. ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3e17fe4edc5db67bafb039cbf8bf9d8a7ceb20a5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3e17fe4edc5db67bafb039cbf8bf9d8a7ceb20a5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
