[Git][security-tracker-team/security-tracker][master] Track fixed version mariadb-10.5 via unstable
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 937580b9 by Salvatore Bonaccorso at 2021-05-17T06:34:20+02:00 Track fixed version mariadb-10.5 via unstable - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -33760,7 +33760,7 @@ CVE-2021-2156 (Vulnerability in the Oracle Customers Online product of Oracle E- CVE-2021-2155 (Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E ...) NOT-FOR-US: Oracle CVE-2021-2154 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - - mariadb-10.5 (bug #988428) + - mariadb-10.5 1:10.5.10-1 (bug #988428) - mariadb-10.3 [buster] - mariadb-10.3 (Minor issue) - mysql-5.7 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/937580b9a5c6e6e9c31df591aec67768d3b360c4 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/937580b9a5c6e6e9c31df591aec67768d3b360c4 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Add retrospectively additional CVE entry for mariadb
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 0e16d6bb by Salvatore Bonaccorso at 2021-05-17T06:33:35+02:00 Add retrospectively additional CVE entry for mariadb - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -33722,7 +33722,7 @@ CVE-2021-2168 CVE-2021-2167 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...) NOT-FOR-US: Oracle CVE-2021-2166 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - - mariadb-10.5 (bug #988428) + - mariadb-10.5 1:10.5.10-1 (bug #988428) - mariadb-10.3 [buster] - mariadb-10.3 (Minor issue) - mysql-8.0 (bug #987325) @@ -34032,8 +34032,14 @@ CVE-2021-2024 (Vulnerability in the MySQL Server product of Oracle MySQL (compon CVE-2021-2023 (Vulnerability in the Oracle Installed Base product of Oracle E-Busines ...) NOT-FOR-US: Oracle CVE-2021-2022 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) + - mariadb-10.5 1:10.5.5-1 + - mariadb-10.3 1:10.3.24-1 + [buster] - mariadb-10.3 1:10.3.25-0+deb10u1 + - mariadb-10.1 + [stretch] - mariadb-10.1 10.1.47-0+deb9u1 - mysql-8.0 8.0.23-1 (bug #980795) - mysql-5.7 (bug #981194) + NOTE: Fixed in MariaDB 10.5.5, 10.4.14, 10.3.24, 10.2.33, 10.1.46 CVE-2021-2021 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 8.0.23-1 (bug #980795) CVE-2021-2020 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e16d6bb0424dedca3cf3e2a8568ba75b685c435 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e16d6bb0424dedca3cf3e2a8568ba75b685c435 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Update CVE-2021-2194/mariadb according to (adjusted) upstream listing
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 85aabebc by Salvatore Bonaccorso at 2021-05-17T06:29:18+02:00 Update CVE-2021-2194/mariadb according to (adjusted) upstream listing - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -33655,12 +33655,12 @@ CVE-2021-2196 (Vulnerability in the MySQL Server product of Oracle MySQL (compon CVE-2021-2195 (Vulnerability in the Oracle Partner Management product of Oracle E-Bus ...) NOT-FOR-US: Oracle CVE-2021-2194 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - - mariadb-10.5 1:10.5.9-1 + - mariadb-10.5 1:10.5.8-1 - mariadb-10.3 - [buster] - mariadb-10.3 + [buster] - mariadb-10.3 1:10.3.27-0+deb10u1 - mysql-5.7 - mysql-8.0 (bug #987325) - NOTE: Fixed in MariaDB 10.5.9, 10.4.18, 10.3.28, 10.2.37 + NOTE: Fixed in MariaDB 10.5.7, 10.4.16, 10.3.26, 10.2.35 CVE-2021-2193 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 (bug #987325) CVE-2021-2192 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85aabebc64a193a88c2796e1395dcc9709681881 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85aabebc64a193a88c2796e1395dcc9709681881 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Add reference to CVE-2021-3541/libxml2
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 873b7d98 by Salvatore Bonaccorso at 2021-05-17T06:21:36+02:00 Add reference to CVE-2021-3541/libxml2 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1203,6 +1203,7 @@ CVE-2021-3541 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1950515 NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/8598060bacada41a0eb09d95c97744ff4e428f8e NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/228 (currently private) + NOTE: https://blog.hartwork.org/posts/cve-2021-3541-parameter-laughs-fixed-in-libxml2-2-9-11/ CVE-2021-32479 RESERVED CVE-2021-32478 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/873b7d9871ef964b788fde28aa564f8c27210e82 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/873b7d9871ef964b788fde28aa564f8c27210e82 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] update note
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker Commits: f6853280 by Thorsten Alteholz at 2021-05-17T00:11:05+02:00 update note - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -45,7 +45,7 @@ firmware-nonfree NOTE: 20201207: wait for the update in buster and backport that (Emilio) -- golang-github-appc-cni (Thorsten Alteholz) - NOTE: 20210503: still WIP, trying to automize golang updates + NOTE: 20210517: still WIP, trying to automize golang updates -- golang-gogoprotobuf NOTE: 20210218: If you have any idea why this is called the "skippy peanut butter" issue, I would be mildly interested. (lamby) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f68532803d86ae24dc7133e80e6d1426c410bb6f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f68532803d86ae24dc7133e80e6d1426c410bb6f You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 7075a0a4 by Salvatore Bonaccorso at 2021-05-16T22:23:15+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -9292,7 +9292,7 @@ CVE-2021-29049 CVE-2021-29048 RESERVED CVE-2021-29047 (The SimpleCaptcha implementation in Liferay Portal 7.3.4, 7.3.5 and Li ...) - TODO: check + NOT-FOR-US: Liferay CVE-2021-29046 RESERVED CVE-2021-29045 @@ -9304,11 +9304,11 @@ CVE-2021-29043 CVE-2021-29042 RESERVED CVE-2021-29041 (Denial-of-service (DoS) vulnerability in the Multi-Factor Authenticati ...) - TODO: check + NOT-FOR-US: Liferay CVE-2021-29040 (The JSON web services in Liferay Portal 7.3.4 and earlier, and Liferay ...) - TODO: check + NOT-FOR-US: Liferay CVE-2021-29039 (Cross-site scripting (XSS) vulnerability in the Asset module's categor ...) - TODO: check + NOT-FOR-US: Liferay CVE-2021-29038 RESERVED CVE-2021-29037 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7075a0a40b3082e3c9d756368554608292b7e4b4 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7075a0a40b3082e3c9d756368554608292b7e4b4 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
18042e37 by security tracker role at 2021-05-16T20:10:24+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
=
@@ -9291,8 +9291,8 @@ CVE-2021-29049
RESERVED
CVE-2021-29048
RESERVED
-CVE-2021-29047
- RESERVED
+CVE-2021-29047 (The SimpleCaptcha implementation in Liferay Portal 7.3.4,
7.3.5 and Li ...)
+ TODO: check
CVE-2021-29046
RESERVED
CVE-2021-29045
@@ -9303,12 +9303,12 @@ CVE-2021-29043
RESERVED
CVE-2021-29042
RESERVED
-CVE-2021-29041
- RESERVED
-CVE-2021-29040
- RESERVED
-CVE-2021-29039
- RESERVED
+CVE-2021-29041 (Denial-of-service (DoS) vulnerability in the Multi-Factor
Authenticati ...)
+ TODO: check
+CVE-2021-29040 (The JSON web services in Liferay Portal 7.3.4 and earlier, and
Liferay ...)
+ TODO: check
+CVE-2021-29039 (Cross-site scripting (XSS) vulnerability in the Asset module's
categor ...)
+ TODO: check
CVE-2021-29038
RESERVED
CVE-2021-29037
@@ -24284,8 +24284,8 @@ CVE-2021-22670 (An uninitialized pointer may be
exploited in Fatek FvDesigner Ve
NOT-FOR-US: Fatek FvDesigner
CVE-2021-22669 (Incorrect permissions are set to default on the Project
Managem ...)
NOT-FOR-US: WebAccess/SCADA
-CVE-2021-22668
- RESERVED
+CVE-2021-22668 (Delta Industrial Automation CNCSoft ScreenEditor Versions
1.01.28 (wit ...)
+ TODO: check
CVE-2021-22667 (BB-ESWGP506-2SFP-T versions 1.01.09 and prior is vulnerable
due to the ...)
NOT-FOR-US: BB-ESWGP506-2SFP-T
CVE-2021-22666 (Fatek FvDesigner Version 1.5.76 and prior is vulnerable to a
stack-bas ...)
@@ -25220,7 +25220,7 @@ CVE-2021-22206 (An issue has been discovered in GitLab
affecting all versions st
CVE-2021-22205 (An issue has been discovered in GitLab CE/EE affecting all
versions st ...)
- gitlab
CVE-2021-22204 (Improper neutralization of user data in the DjVu file format
in ExifTo ...)
- {DSA-4910-1}
+ {DSA-4910-1 DLA-2663-1}
- libimage-exiftool-perl 12.16+dfsg-2 (bug #987505)
NOTE: https://bugs.launchpad.net/bugs/1925985
NOTE:
https://github.com/exiftool/exiftool/commit/cf0f4e7dcd024ca99615bfd1102a841a25dde031#diff-fa0d652d10dbcd246e6b1df16c1e992931d3bb717a7e36157596b76bdadb3800
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/18042e371d496cdaa80f46c94ee1928cac0d82cc
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/18042e371d496cdaa80f46c94ee1928cac0d82cc
You're receiving this email because of your account on salsa.debian.org.
___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-3541/libxml2
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: c3896c12 by Salvatore Bonaccorso at 2021-05-16T21:31:43+02:00 Add Debian bug reference for CVE-2021-3541/libxml2 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1199,7 +1199,7 @@ CVE-2021-32490 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1943408 CVE-2021-3541 RESERVED - - libxml2 + - libxml2 (bug #988603) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1950515 NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/8598060bacada41a0eb09d95c97744ff4e428f8e NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/228 (currently private) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c3896c1213a7d6cc34748ec00c10bdb3ab59f04f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c3896c1213a7d6cc34748ec00c10bdb3ab59f04f You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Add note in dla-needed.txt
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: cd21494a by Abhijith PA at 2021-05-16T23:40:44+05:30 Add note in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -127,6 +127,7 @@ salt NOTE: 20210510: will try to release ASAP; also preparing update for buster (DSA). (utkarsh) -- samba (Abhijith PA) + NOTE: 20210516: Test build samba_4.5.16+dfsg-1+deb9u4.dsc (abhijith) -- shiro (Roberto C. Sánchez) NOTE: 20200920: WIP View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd21494a19224fa8b7fcb9e782d4ed4d08cd121e -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cd21494a19224fa8b7fcb9e782d4ed4d08cd121e You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] LTS: status update
Anton Gladky pushed to branch master at Debian Security Tracker / security-tracker Commits: ae3d76eb by Anton Gladky at 2021-05-16T18:24:28+02:00 LTS: status update - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -66,8 +66,10 @@ gsoap (Abhijith PA) imagemagick (Anton Gladky) NOTE: 20210415: Tracker records as vulnerable to CVE-2021-20312, but parts of NOTE: 20210415: patch already partly covered; needs investigation. (lamby) + NOTE: 20210516: WIP -- libwebp (Anton Gladky) + NOTE: 20210516: WIP -- linux (Ben Hutchings) -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ae3d76eb6d2e129a0457feb8c17872d646259853 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ae3d76eb6d2e129a0457feb8c17872d646259853 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-29482/golang-github-ulikunitz-xz via unstable
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: a5151e59 by Salvatore Bonaccorso at 2021-05-16T16:35:19+02:00 Track fixed version for CVE-2021-29482/golang-github-ulikunitz-xz via unstable - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -8212,7 +8212,7 @@ CVE-2021-29484 (Ghost is a Node.js CMS. An unused endpoint added during the deve CVE-2021-29483 (ManageWiki is an extension to the MediaWiki project. The 'wikiconfig' ...) NOT-FOR-US: ManageWiki MediaWiki extension CVE-2021-29482 (xz is a compression and decompression library focusing on the xz forma ...) - - golang-github-ulikunitz-xz (bug #988243) + - golang-github-ulikunitz-xz 0.5.6-2 (bug #988243) NOTE: https://github.com/ulikunitz/xz/security/advisories/GHSA-25xm-hr59-7c27 NOTE: https://github.com/ulikunitz/xz/commit/69c6093c7b2397b923acf82cb378f55ab2652b9b CVE-2021-29481 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a5151e597fca85181a8c5396c7d2c6e42b8a596a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a5151e597fca85181a8c5396c7d2c6e42b8a596a You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Reserve DLA-2663-1 for libimage-exiftool-perl
Utkarsh Gupta pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d7b98106 by Utkarsh Gupta at 2021-05-16T15:09:40+05:30
Reserve DLA-2663-1 for libimage-exiftool-perl
- - - - -
2 changed files:
- data/DLA/list
- data/dla-needed.txt
Changes:
=
data/DLA/list
=
@@ -1,3 +1,6 @@
+[16 May 2021] DLA-2663-1 libimage-exiftool-perl - security update
+ {CVE-2021-22204}
+ [stretch] - libimage-exiftool-perl 10.40-1+deb9u1
[15 May 2021] DLA-2662-1 postgresql-9.6 - security update
{CVE-2021-32027 CVE-2021-32028}
[stretch] - postgresql-9.6 9.6.22-0+deb9u1
=
data/dla-needed.txt
=
@@ -67,8 +67,6 @@ imagemagick (Anton Gladky)
NOTE: 20210415: Tracker records as vulnerable to CVE-2021-20312, but parts of
NOTE: 20210415: patch already partly covered; needs investigation. (lamby)
--
-libimage-exiftool-perl (Utkarsh)
---
libwebp (Anton Gladky)
--
linux (Ben Hutchings)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d7b981065000c6ea99d5b17e61c91458f2a79100
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d7b981065000c6ea99d5b17e61c91458f2a79100
You're receiving this email because of your account on salsa.debian.org.
___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Add CE-2021-3541/libxml2
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 8b6f3c7c by Salvatore Bonaccorso at 2021-05-16T08:10:09+02:00 Add CE-2021-3541/libxml2 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1199,6 +1199,10 @@ CVE-2021-32490 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1943408 CVE-2021-3541 RESERVED + - libxml2 + NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1950515 + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/commit/8598060bacada41a0eb09d95c97744ff4e428f8e + NOTE: https://gitlab.gnome.org/GNOME/libxml2/-/issues/228 (currently private) CVE-2021-32479 RESERVED CVE-2021-32478 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b6f3c7c0f1a418b5507068affce35e3bba55d09 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b6f3c7c0f1a418b5507068affce35e3bba55d09 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Add CVE-2021-3541/libxml2
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: cc6364f4 by Salvatore Bonaccorso at 2021-05-16T08:08:49+02:00 Add CVE-2021-3541/libxml2 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -2288,6 +2288,11 @@ CVE-2021-3532 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1956464 CVE-2021-3531 RESERVED + - ceph + NOTE: https://www.openwall.com/lists/oss-security/2021/05/14/5 + NOTE: Nautilus: https://github.com/ceph/ceph/commit/f44a8ae8aa27ecef69528db9aec220f12492810e + NOTE: Octopus: https://github.com/ceph/ceph/commit/b87e64e3206210580f4a6df2d77f9ae3f1033039 + NOTE: Pacific: https://github.com/ceph/ceph/commit/bf06990ab41d7ac299e4441ad9cd434e926a18e7 CVE-2021-3530 RESERVED - binutils (unimportant) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc6364f430b048a6955895c6f9843f01f56c35f1 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cc6364f430b048a6955895c6f9843f01f56c35f1 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Add CVE-2021-3509/ceph
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: a60a8835 by Salvatore Bonaccorso at 2021-05-16T08:07:43+02:00 Add CVE-2021-3509/ceph - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -3508,6 +3508,11 @@ CVE-2021-3510 RESERVED CVE-2021-3509 RESERVED + - ceph + NOTE: Nautilus: https://github.com/ceph/ceph/commit/adda853e64bdba1288d46bc7d462d23d8f2f10ca + NOTE: Octopus: https://github.com/ceph/ceph/commit/7a1ca8d372da3b6a4fc3d221a0e5f72d1d61c27b + NOTE: Pacific: https://github.com/ceph/ceph/commit/af3fffab3b0f13057134d96e5d481e400d8bfd27 + NOTE: https://www.openwall.com/lists/oss-security/2021/05/14/4 CVE-2021-31521 RESERVED CVE-2021-31520 (A weak session token authentication bypass vulnerability in Trend Micr ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a60a883543411621a09bc28d9182eda84a708cd1 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a60a883543411621a09bc28d9182eda84a708cd1 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
