[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) Sun, 19 Sep 2021 13:10:39 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
4c89a1a8 by security tracker role at 2021-09-19T20:10:19+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -694,8 +694,7 @@ CVE-2021-41075
        RESERVED
 CVE-2021-41074
        RESERVED
-CVE-2021-41073 [io_uring: ensure symmetry in handling iter types in 
loop_rw_iter()]
-       RESERVED
+CVE-2021-41073 (loop_rw_iter in fs/io_uring.c in the Linux kernel through 
5.14.6 allow ...)
        - linux 5.14.6-2
        [buster] - linux <not-affected> (Vulnerable code introduced later)
        [stretch] - linux <not-affected> (Vulnerable code introduced later)
@@ -1539,8 +1538,7 @@ CVE-2021-40692
        RESERVED
 CVE-2021-40691
        RESERVED
-CVE-2021-40690
-       RESERVED
+CVE-2021-40690 (All versions of Apache Santuario - XML Security for Java prior 
to 2.2. ...)
        - libxml-security-java <unfixed> (bug #994569)
        NOTE: https://santuario.apache.org/secadv.data/CVE-2021-40690.txt.asc
 CVE-2021-3780 (peertube is vulnerable to Improper Neutralization of Input 
During Web  ...)
@@ -20056,6 +20054,7 @@ CVE-2021-32730 (XWiki Platform is a generic wiki 
platform offering runtime servi
 CVE-2021-32729 (XWiki Platform is a generic wiki platform offering runtime 
services fo ...)
        NOT-FOR-US: XWiki
 CVE-2021-32728 (The Nextcloud Desktop Client is a tool to synchronize files 
from Nextc ...)
+       {DSA-4974-1}
        - nextcloud-desktop 3.3.1-1
        NOTE: 
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-f5fr-5gcv-6cc5
        NOTE: https://github.com/nextcloud/desktop/pull/3338
@@ -43028,8 +43027,8 @@ CVE-2021-23443
        RESERVED
 CVE-2021-23442 (This affects all versions of package @cookiex/deep. The global 
proto o ...)
        TODO: check
-CVE-2021-23441
-       RESERVED
+CVE-2021-23441 (All versions of package com.jsoniter:jsoniter are vulnerable 
to Deseri ...)
+       TODO: check
 CVE-2021-23440 (This affects the package set-value before 4.0.1. A type 
confusion vuln ...)
        - node-set-value 3.0.1-3 (bug #994448)
        [bullseye] - node-set-value <no-dsa> (Minor issue)
@@ -44275,6 +44274,7 @@ CVE-2021-22897 (curl 7.61.0 through 7.76.1 suffers from 
exposure of data element
 CVE-2021-22896 (Nextcloud Mail before 1.9.5 suffers from improper access 
control due t ...)
        NOT-FOR-US: Nextcloud Mail
 CVE-2021-22895 (Nextcloud Desktop Client before 3.3.1 is vulnerable to 
improper certif ...)
+       {DSA-4974-1}
        - nextcloud-desktop 3.3.1-1 (bug #989846)
        NOTE: https://github.com/nextcloud/desktop/pull/2926
        NOTE: 
https://github.com/nextcloud/desktop/commit/b1ddd0e491b2af0ed040e658d8bcde2a7a61c9fc
 (stable-3.1)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4c89a1a8ef667dfd19d07fd9a044969a9924a385

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4c89a1a8ef667dfd19d07fd9a044969a9924a385
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to