Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
68adc46a by security tracker role at 2021-09-18T20:10:16+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,9 @@
+CVE-2021-41395 (Teleport before 6.2.12 and 7.x before 7.1.1 allows attackers
to contro ...)
+ TODO: check
+CVE-2021-41394 (Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12,
and 7.x b ...)
+ TODO: check
+CVE-2021-41393 (Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12,
and 7.x b ...)
+ TODO: check
CVE-2021-41392 (static/main-preload.js in Boost Note through 0.22.0 allows
remote comm ...)
TODO: check
CVE-2021-41391 (In Ericsson ECM before 18.0, it was observed that Security
Management ...)
@@ -201,8 +207,8 @@ CVE-2021-3807 (ansi-regex is vulnerable to Inefficient
Regular Expression Comple
[buster] - node-ansi-regex <no-dsa> (Minor issue)
NOTE: https://huntr.dev/bounties/5b3cf33b-ede0-4398-9974-800876dfd994
NOTE:
https://github.com/chalk/ansi-regex/commit/8d1d7cdb586269882c4bdc1b7325d0c58c8f76f9
(v6.0.1)
-CVE-2021-3806
- RESERVED
+CVE-2021-3806 (A path traversal vulnerability on Pardus Software Center's
"extractArc ...)
+ TODO: check
CVE-2021-3805 (object-path is vulnerable to Improperly Controlled Modification
of Obj ...)
- node-object-path 0.11.8-1
[bullseye] - node-object-path <no-dsa> (Minor issue)
@@ -17230,7 +17236,7 @@ CVE-2021-33849
CVE-2021-3581
RESERVED
CVE-2021-3580 (A flaw was found in the way nettle's RSA decryption functions
handled ...)
- {DSA-4933-1}
+ {DSA-4933-1 DLA-2760-1}
- nettle 3.7.3-1 (bug #989631)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1967983
NOTE:
https://git.lysator.liu.se/nettle/nettle/-/commit/0ad0b5df315665250dfdaa4a1e087f4799edaefe
@@ -51888,7 +51894,7 @@ CVE-2021-20307 (Format string vulnerability in
panoFileOutputNamesCreate() in li
CVE-2021-20306 (A flaw was found in the BPMN editor in version jBPM
7.51.0.Final. Any ...)
NOT-FOR-US: Red Hat Business Central
CVE-2021-20305 (A flaw was found in Nettle in versions before 3.7.2, where
several Net ...)
- {DSA-4933-1}
+ {DSA-4933-1 DLA-2760-1}
- nettle 3.7.2-1 (bug #985652)
NOTE:
https://lists.lysator.liu.se/pipermail/nettle-bugs/2021/009457.html
NOTE: New functions ecc_mod_mul_canonical and ecc_mod_sqr_canonical:
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/68adc46aa6deaa2b2de2029cc8758298b4215844
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/68adc46aa6deaa2b2de2029cc8758298b4215844
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
