Neil Williams pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cd09e50d by Neil Williams at 2022-05-09T10:40:27+01:00
CVE-2021-3844[1,3] cyclonedds undetermined - no upstream tracking
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -49646,11 +49646,19 @@ CVE-2021-38445 (OCI OpenDDS versions prior to 3.18.1
do not handle a length para
CVE-2021-38444
RESERVED
CVE-2021-38443 (Eclipse CycloneDDS versions prior to 0.8.0 improperly handle
invalid s ...)
- TODO: check
+ - cyclonedds <undetermined>
+ NOTE: No mention of CVE upstream
+ NOTE: https://projects.eclipse.org/projects/iot.cyclonedds
+ NOTE: https://www.cisa.gov/uscert/ics/advisories/icsa-21-315-02
+ TODO: check for upstream commit
CVE-2021-38442 (FATEK Automation WinProladder versions 3.30 and prior lacks
proper val ...)
NOT-FOR-US: FATEK Automation
CVE-2021-38441 (Eclipse CycloneDDS versions prior to 0.8.0 are vulnerable to a
write-w ...)
- TODO: check
+ - cyclonedds <undetermined>
+ NOTE: No mention of CVE upstream
+ NOTE: https://projects.eclipse.org/projects/iot.cyclonedds
+ NOTE: https://www.cisa.gov/uscert/ics/advisories/icsa-21-315-02
+ TODO: check for upstream commit
CVE-2021-38440 (FATEK Automation WinProladder versions 3.30 and prior is
vulnerable to ...)
NOT-FOR-US: FATEK Automation
CVE-2021-38439 (All versions of GurumDDS are vulnerable to heap-based buffer
overflow, ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd09e50dee4a0b66e173af9175c83c49dbc38f7c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd09e50dee4a0b66e173af9175c83c49dbc38f7c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
