Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d3d10cd0 by Salvatore Bonaccorso at 2022-03-04T21:01:22+01:00
Track fixed version for two freecad issues fixed via unstable
- - - - -
506028e3 by Salvatore Bonaccorso at 2022-03-04T21:08:11+01:00
Update upstream commit information for CVE-2021-4584{4,5}
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13789,14 +13789,16 @@ CVE-2021-45846 (A flaw in the AMF parser of Slic3r
libslic3r 1.3.0 allows an att
- slic3r <unfixed>
NOTE: https://github.com/slic3r/Slic3r/issues/5117
CVE-2021-45845 (The Path Sanity Check script of FreeCAD 0.19 is vulnerable to
OS comma ...)
- - freecad <unfixed>
+ - freecad 0.19.4+dfsg1-1
[stretch] - freecad <not-affected> (Vulnerable code introduced in 0.17)
NOTE: https://github.com/FreeCAD/FreeCAD/pull/5306
- NOTE: Fixed by:
https://github.com/FreeCAD/FreeCAD/commit/169eb655f30180b95e5923be2eb3bc4de6e02406
+ NOTE: Fixed by:
https://github.com/FreeCAD/FreeCAD/commit/169eb655f30180b95e5923be2eb3bc4de6e02406
(master)
+ NOTE: Fixed by:
https://github.com/FreeCAD/FreeCAD/commit/a73f442f88725e08f36a3614e690bdef24c3dee3
(0.19.4)
NOTE: https://tracker.freecad.org/view.php?id=4810
CVE-2021-45844 (Improper sanitization in the invocation of ODA File Converter
from Fre ...)
- - freecad <unfixed> (bug #1005747)
- NOTE:
https://github.com/FreeCAD/FreeCAD/commit/1742d7ff82af1653253c4a4183c262c9af3b26d6
(0.20)
+ - freecad 0.19.4+dfsg1-1 (bug #1005747)
+ NOTE: Fixed by;
https://github.com/FreeCAD/FreeCAD/commit/1742d7ff82af1653253c4a4183c262c9af3b26d6
(master)
+ NOTE: Fxied by:
https://github.com/FreeCAD/FreeCAD/commit/ad6977f940d3e64d78a4367452d9a338ad43fa1c
(0.19.4)
NOTE: https://tracker.freecad.org/view.php?id=4809
CVE-2021-45843 (glFusion CMS v1.7.9 is affected by a reflected Cross Site
Scripting (X ...)
NOT-FOR-US: glFusion CMS
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6b9bd847a2c406e34e8dd6609fd13c9940ad861a...506028e36ce4d4780a5be25472d80c2615b3de1a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6b9bd847a2c406e34e8dd6609fd13c9940ad861a...506028e36ce4d4780a5be25472d80c2615b3de1a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
