Neil Williams pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
832bb6f4 by Neil Williams at 2022-03-25T09:46:20+00:00
CVE-2021-41736/faust <unfixed>
- - - - -
b15ab3c2 by Neil Williams at 2022-03-25T10:11:32+00:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -20276,7 +20276,7 @@ CVE-2021-45119
CVE-2021-45118
RESERVED
CVE-2021-45117 (The OPC autogenerated ANSI C stack stubs (in the NodeSets) do
not hand ...)
- TODO: check
+ NOT-FOR-US: OPCFoundation/UA-Nodeset
CVE-2021-45116 (An issue was discovered in Django 2.2 before 2.2.26, 3.2
before 3.2.11 ...)
- python-django 2:3.2.11-1 (bug #1003113)
[bullseye] - python-django <postponed> (Minor issue; fix in next update)
@@ -20875,7 +20875,7 @@ CVE-2021-4108 (snipe-it is vulnerable to Improper
Neutralization of Input During
CVE-2022-0010
RESERVED
CVE-2021-45040 (The Spatie media-library-pro library through 1.17.10 and 2.x
through 2 ...)
- TODO: check
+ NOT-FOR-US: spatie/laravel-medialibrary
CVE-2021-45039
RESERVED
CVE-2021-45038 (An issue was discovered in MediaWiki before 1.35.5, 1.36.x
before 1.36 ...)
@@ -23654,7 +23654,7 @@ CVE-2021-44141 (All versions of Samba prior to 4.15.5
are vulnerable to a malici
CVE-2021-44140 (Remote attackers may delete arbitrary files in a system
hosting a JSPW ...)
- jspwiki <removed>
CVE-2021-44139 (Sentinel 1.8.2 is vulnerable to Server-side request forgery
(SSRF). ...)
- TODO: check
+ NOT-FOR-US: alibaba/Sentinel
CVE-2021-44138
RESERVED
CVE-2021-44137
@@ -25999,7 +25999,7 @@ CVE-2021-43702
CVE-2021-43701
RESERVED
CVE-2021-43700 (An issue was discovered in ApiManager 1.1. there is sql
injection vuln ...)
- TODO: check
+ NOT-FOR-US: ApiManager
CVE-2021-43699
RESERVED
CVE-2021-43698 (phpWhois (last update Jun 30 2021) is affected by a Cross Site
Scripti ...)
@@ -33214,7 +33214,8 @@ CVE-2021-41738
CVE-2021-41737
RESERVED
CVE-2021-41736 (Faust v2.35.0 was discovered to contain a heap-buffer overflow
in the ...)
- TODO: check
+ - faust <unfixed>
+ NOTE: https://github.com/grame-cncm/faust/issues/653
CVE-2021-41735
RESERVED
CVE-2021-41734
@@ -37964,9 +37965,9 @@ CVE-2021-39795
CVE-2021-39794
RESERVED
CVE-2021-39793 (In kbase_jd_user_buf_pin_pages of mali_kbase_mem.c, there is a
possibl ...)
- TODO: check
+ NOT-FOR-US: Pixel
CVE-2021-39792 (In usb_gadget_giveback_request of core.c, there is a possible
use afte ...)
- TODO: check
+ NOT-FOR-US: Android kernel patches
CVE-2021-39791
RESERVED
CVE-2021-39790
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/80ae626b4db15bc6411395c9f1035d4cd2f02a71...b15ab3c2ed6ac28599449a24ba820d8074dbef13
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/80ae626b4db15bc6411395c9f1035d4cd2f02a71...b15ab3c2ed6ac28599449a24ba820d8074dbef13
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
