[Git][security-tracker-team/security-tracker][master] bugnums

Moritz Muehlenhoff (@jmm) Tue, 12 Jul 2022 08:34:23 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ce6ea077 by Moritz Muehlenhoff at 2022-07-12T17:33:46+02:00
bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7741,7 +7741,7 @@ CVE-2022-32534 (The Bosch Ethernet switch PRA-ES8P2S with 
software version 1.01.
 CVE-2022-32533 (** UNSUPPORTED WHEN ASSIGNED ** Apache Jetspeed-2 does not 
sufficientl ...)
        NOT-FOR-US: Apache Portals Jetspeed
 CVE-2022-32532 (Apache Shiro before 1.9.1, A RegexRequestMatcher can be 
misconfigured  ...)
-       - shiro <unfixed>
+       - shiro <unfixed> (bug #1014820)
        [bullseye] - shiro <no-dsa> (Minor issue)
        [buster] - shiro <no-dsa> (Minor issue)
        NOTE: https://www.openwall.com/lists/oss-security/2022/06/28/2
@@ -57211,7 +57211,7 @@ CVE-2021-3805 (object-path is vulnerable to Improperly 
Controlled Modification o
        NOTE: https://huntr.dev/bounties/571e3baf-7c46-46e3-9003-ba7e4e623053
        NOTE: 
https://github.com/mariocasciaro/object-path/commit/e6bb638ffdd431176701b3e9024f80050d0ef0a6
 CVE-2021-41303 (Apache Shiro before 1.8.0, when using Apache Shiro with Spring 
Boot, a ...)
-       - shiro <unfixed>
+       - shiro <unfixed> (bug #1014819)
        [bullseye] - shiro <no-dsa> (Minor issue)
        [buster] - shiro <no-dsa> (Minor issue)
        [stretch] - shiro <no-dsa> (Minor issue)
@@ -80252,7 +80252,7 @@ CVE-2021-32066 (An issue was discovered in Ruby through 
2.6.7, 2.7.x through 2.7
        - ruby2.7 2.7.4-1 (bug #990815)
        - ruby2.5 <removed>
        - ruby2.3 <removed>
-       - jruby <unfixed>
+       - jruby <unfixed> (bug #1014818)
        [buster] - jruby <no-dsa> (Minor issue)
        [stretch] - jruby <no-dsa> (Minor issue)
        NOTE: 
https://www.ruby-lang.org/en/news/2021/07/07/starttls-stripping-in-net-imap/
@@ -81181,7 +81181,7 @@ CVE-2021-31810 (An issue was discovered in Ruby through 
2.6.7, 2.7.x through 2.7
        - ruby2.7 2.7.4-1 (bug #990815)
        - ruby2.5 <removed>
        - ruby2.3 <removed>
-       - jruby <unfixed>
+       - jruby <unfixed> (bug #1014818)
        [buster] - jruby <no-dsa> (Minor issue)
        [stretch] - jruby <no-dsa> (Minor issue)
        NOTE: 
https://www.ruby-lang.org/en/news/2021/07/07/trusting-pasv-responses-in-net-ftp/



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce6ea07741df5482d6b22736dcf13e1d2ecad4c9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce6ea07741df5482d6b22736dcf13e1d2ecad4c9
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] bugnums

Reply via email to