[Git][security-tracker-team/security-tracker][master] 3 commits: add gpac

Thu, 21 Oct 2021 06:11:27 -0700 


Thorsten Alteholz pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3f0cae72 by Thorsten Alteholz at 2021-10-21T15:00:26+02:00
add gpac

- - - - -
267a2047 by Thorsten Alteholz at 2021-10-21T15:02:33+02:00
mark two CVEs of vim as no-dsa for Stretch

- - - - -
99dd3f50 by Thorsten Alteholz at 2021-10-21T15:05:04+02:00
mark two CVEs of atomicparsley as no-dsa for Stretch

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -2618,6 +2618,7 @@ CVE-2021-3875 (vim is vulnerable to Heap-based Buffer 
Overflow ...)
        - vim <unfixed> (bug #996593)
        [bullseye] - vim <no-dsa> (Minor issue)
        [buster] - vim <no-dsa> (Minor issue)
+       [stretch] - vim <no-dsa> (Minor issue)
        NOTE: https://huntr.dev/bounties/5cdbc168-6ba1-4bc2-ba6c-28be12166a53/
        NOTE: 
https://github.com/vim/vim/commit/35a319b77f897744eec1155b736e9372c9c5575f 
(v8.2.3489)
 CVE-2021-42133
@@ -2692,6 +2693,7 @@ CVE-2021-42101
        RESERVED
 CVE-2021-3872 (vim is vulnerable to Heap-based Buffer Overflow ...)
        - vim <unfixed>
+       [stretch] - vim <no-dsa> (Minor issue)
        NOTE: https://huntr.dev/bounties/c958013b-1c09-4939-92ca-92f50aa169e8
        NOTE: 
https://github.com/vim/vim/commit/826bfe4bbd7594188e3d74d2539d9707b1c6a14b
 CVE-2021-3871
@@ -14202,6 +14204,7 @@ CVE-2021-37233
        RESERVED
 CVE-2021-37232 (A stack overflow vulnerability occurs in Atomicparsley 
20210124.204813 ...)
        - atomicparsley 20210715.151551.e7ad03a-1 (bug #993366)
+       [stretch] - atomicparsley <no-dsa> (Minor issue)
        - gtkpod <unfixed> (bug #993376)
        [bullseye] - gtkpod <ignored> (Minor issue)
        [buster] - gtkpod <ignored> (Minor issue)
@@ -14210,6 +14213,7 @@ CVE-2021-37232 (A stack overflow vulnerability occurs 
in Atomicparsley 20210124.
        NOTE: https://github.com/wez/atomicparsley/issues/32
 CVE-2021-37231 (A stack-buffer-overflow occurs in Atomicparsley 
20210124.204813.840499 ...)
        - atomicparsley 20210715.151551.e7ad03a-1 (bug #993372)
+       [stretch] - atomicparsley <no-dsa> (Minor issue)
        - gtkpod <unfixed> (bug #993375)
        [bullseye] - gtkpod <ignored> (Minor issue)
        [buster] - gtkpod <ignored> (Minor issue)


=====================================
data/dla-needed.txt
=====================================
@@ -44,6 +44,8 @@ firmware-nonfree
   NOTE: 20210731: WIP: 
https://salsa.debian.org/lts-team/packages/firmware-nonfree
   NOTE: 20210828: Most CVEs are difficult to backport. Contacted Ben regarding 
possible "ignore" tag
 --
+gpac
+--
 linux (Ben Hutchings)
 --
 linux-4.19 (Ben Hutchings)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/839cb5b9da7d79aa389d8ccd47f751b93d4a47f7...99dd3f50eebe4cbc2ce32fe41c293b56c13fbc26

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/839cb5b9da7d79aa389d8ccd47f751b93d4a47f7...99dd3f50eebe4cbc2ce32fe41c293b56c13fbc26
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to