Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1780cc4c by Moritz Muehlenhoff at 2022-07-11T20:39:36+02:00
bugnums
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -30237,7 +30237,7 @@ CVE-2022-24760 (Parse Server is an open source http web
server backend. In versi
CVE-2022-24759 (`@chainsafe/libp2p-noise` contains TypeScript implementation
of noise ...)
NOT-FOR-US: chainsafe/libp2p-noise
CVE-2022-24758 (The Jupyter notebook is a web-based notebook environment for
interacti ...)
- - jupyter-notebook <unfixed>
+ - jupyter-notebook <unfixed> (bug #1014771)
[bullseye] - jupyter-notebook <no-dsa> (Minor issue)
[buster] - jupyter-notebook <no-dsa> (Minor issue)
NOTE:
https://github.com/jupyter/notebook/security/advisories/GHSA-m87f-39q9-6f55
@@ -33212,7 +33212,7 @@ CVE-2021-4214
NOTE: Crash in CLI package, not shipped in binary packages
CVE-2021-4213
RESERVED
- - jss <unfixed>
+ - jss <unfixed> (bug #1014770)
[bullseye] - jss <no-dsa> (Minor issue)
[buster] - jss <no-dsa> (Minor issue)
[stretch] - jss <postponed> (revisit when/if fix is complete)
@@ -67765,14 +67765,14 @@ CVE-2021-37139
CVE-2021-37138
RESERVED
CVE-2021-37137 (The Snappy frame decoder function doesn't restrict the chunk
length wh ...)
- - netty <unfixed>
+ - netty <unfixed> (bug #1014769)
[bullseye] - netty <no-dsa> (Minor issue)
[buster] - netty <no-dsa> (Minor issue)
[stretch] - netty <no-dsa> (Minor issue)
NOTE:
https://github.com/netty/netty/security/advisories/GHSA-9vjp-v76f-g363
NOTE: Fixed by:
https://github.com/netty/netty/commit/6da4956b31023ae967451e1d94ff51a746a9194f
(netty-4.1.68.Final)
CVE-2021-37136 (The Bzip2 decompression decoder function doesn't allow setting
size re ...)
- - netty <unfixed>
+ - netty <unfixed> (bug #1014769)
[bullseye] - netty <no-dsa> (Minor issue)
[buster] - netty <no-dsa> (Minor issue)
[stretch] - netty <no-dsa> (Minor issue)
@@ -93278,7 +93278,7 @@ CVE-2021-27027 (An Out-Of-Bounds Read Vulnerability in
Autodesk FBX Review versi
CVE-2021-27026 (A flaw was divered in Puppet Enterprise and other Puppet
products wher ...)
NOT-FOR-US: Puppet Enterprise
CVE-2021-27025 (A flaw was discovered in Puppet Agent where the agent may
silently ign ...)
- - puppet <unfixed>
+ - puppet <unfixed> (bug #1014772)
[bullseye] - puppet <ignored> (Minor issue, too intrusive to backport)
[buster] - puppet <ignored> (Minor issue, too intrusive to backport)
[stretch] - puppet <ignored> (Minor issue, too intrusive to backport)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1780cc4c8cdff45f3736b49b901620c67515f4ae
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1780cc4c8cdff45f3736b49b901620c67515f4ae
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
