[Git][security-tracker-team/security-tracker][master] Merge one php-illuminate-database which has no CVE assigned

Sat, 26 Mar 2022 03:09:37 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
bd2fa745 by Salvatore Bonaccorso at 2022-03-26T11:08:50+01:00
Merge one php-illuminate-database which has no CVE assigned

- - - - -


2 changed files:

- data/CVE/list
- data/next-oldstable-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -74936,7 +74936,7 @@ CVE-2021-25281 (An issue was discovered in through 
SaltStack Salt before 3002.5.
 CVE-2021-XXXX [SQL Server LIMIT / OFFSET SQL Injection]
        - php-laravel-framework 6.20.14+dfsg-2 (bug #987831)
        - php-illuminate-database <removed> (bug #987848)
-       [buster] - php-illuminate-database <no-dsa> (Minor issue)
+       [buster] - php-illuminate-database 5.7.27-1+deb10u1
        NOTE: 
https://github.com/laravel/framework/security/advisories/GHSA-4mg9-vhxq-vm7j
        NOTE: 
https://blog.laravel.com/security-sql-injection-in-sql-server-limit-offset
 CVE-2021-XXXX [Unexpected database bindings via requests (follow-up)]


=====================================
data/next-oldstable-point-update.txt
=====================================
@@ -204,9 +204,7 @@ CVE-2021-44832
        [buster] - apache-log4j2 2.17.1-1~deb10u1
 CVE-2021-40874
        [buster] - lemonldap-ng 2.0.2+ds-7+deb10u7
-CVE-2021-XXXX [SQL Server LIMIT / OFFSET SQL Injection]
-       [buster] - php-illuminate-database 5.7.27-1+deb10u1
-CVE-2021-21263 (Laravel is a web application framework. Versions of Laravel 
before 6.2 ...)
+CVE-2021-21263
        [buster] - php-illuminate-database 5.7.27-1+deb10u1
 CVE-2022-0534
        [buster] - htmldoc 1.9.3-1+deb10u3



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bd2fa74568e0ac39d0f360bd1a334ab074889a83

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bd2fa74568e0ac39d0f360bd1a334ab074889a83
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to