[Git][security-tracker-team/security-tracker][master] NFU

Mon, 11 Jul 2022 12:36:30 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
6b3e3745 by Moritz Muehlenhoff at 2022-07-11T21:31:19+02:00
NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -49248,9 +49248,7 @@ CVE-2021-43505 (Multiple Cross Site Scripting (XSS) 
vulnerabilities exist in Sso
 CVE-2021-43504
        RESERVED
 CVE-2021-43503 (A Remote Code Execution (RCE) vulnerability exists in h 
laravel 5.8.38 ...)
-       - php-laravel-framework <undetermined>
-       NOTE: 
https://github.com/guoyanan1g/Laravel-vul/issues/2#issue-1045655892
-       TODO: check, unclear status of report to upstream
+       NOTE: Disputed Laravel issue
 CVE-2021-43502
        RESERVED
 CVE-2021-43501
@@ -126259,10 +126257,8 @@ CVE-2020-26557 (Mesh Provisioning in the Bluetooth 
Mesh profile 1.0 and 1.0.1 ma
        NOTE: 
https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/predicatable-authvalue/
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1960009
 CVE-2020-26556 (Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 
may perm ...)
-       - bluez <unfixed>
-       [bullseye] - bluez <no-dsa> (Minor issue)
-       [buster] - bluez <no-dsa> (Minor issue)
-       [stretch] - bluez <not-affected> (Mesh support introduced later)
+       NOT-FOR-US: Bluetooth
+       NOTE: There's no indication that any Bluetooth software in Debian is 
affected
        NOTE: https://kb.cert.org/vuls/id/799380
        NOTE: 
https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/malleable/
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1960012



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6b3e374505c297f9ac83178fa1db2d60f833d287

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6b3e374505c297f9ac83178fa1db2d60f833d287
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to