Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e3033f6d by Salvatore Bonaccorso at 2021-03-02T19:42:01+01:00
grub2 issues fixed in unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -18468,7 +18468,7 @@ CVE-2021-20234 [Memory leak in client induced by
malicious server without CURVE/
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22123
CVE-2021-20233
RESERVED
- - grub2 <unfixed>
+ - grub2 2.04-16
CVE-2021-20232
RESERVED
CVE-2021-20231
@@ -18506,7 +18506,7 @@ CVE-2021-20226 (A use-after-free flaw was found in the
io_uring in Linux kernel,
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-21-001/
CVE-2021-20225
RESERVED
- - grub2 <unfixed>
+ - grub2 2.04-16
CVE-2021-20224
RESERVED
CVE-2021-20223
@@ -29214,7 +29214,7 @@ CVE-2020-27780 (A flaw was found in Linux-Pam in
versions prior to 1.5.1 in the
NOTE: Fixed by:
https://github.com/linux-pam/linux-pam/commit/30fdfb90d9864bcc254a62760aaa149d373fd4eb
CVE-2020-27779
RESERVED
- - grub2 <unfixed>
+ - grub2 2.04-16
CVE-2020-27778 (A flaw was found in Poppler in the way certain PDF files were
converte ...)
- poppler 0.85.0-2
[buster] - poppler <postponed> (Minor issue)
@@ -29415,7 +29415,7 @@ CVE-2020-27750 (A flaw was found in ImageMagick in
MagickCore/colorspace-private
NOTE: ImageMagick6:
https://github.com/ImageMagick/ImageMagick6/commit/c7038e710ad0204d6cb37a0229fc55f6f8a8662f
CVE-2020-27749
RESERVED
- - grub2 <unfixed>
+ - grub2 2.04-16
CVE-2020-27748 [local file inclusion vulnerability]
RESERVED
- xdg-utils <unfixed> (bug #975370)
@@ -34790,7 +34790,7 @@ CVE-2020-25648 (A flaw was found in the way NSS handled
CCS (ChangeCipherSpec) m
NOTE: Fixed by:
https://hg.mozilla.org/projects/nss/rev/57bbefa793232586d27cee83e74411171e128361
CVE-2020-25647
RESERVED
- - grub2 <unfixed>
+ - grub2 2.04-16
CVE-2020-25646 (A flaw was found in Ansible Collection community.crypto.
openssl_priva ...)
TODO: check
CVE-2020-25645 (A flaw was found in the Linux kernel in versions before
5.9-rc7. Traff ...)
@@ -34848,7 +34848,7 @@ CVE-2020-25633 (A flaw was found in RESTEasy client in
all versions of RESTEasy
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1879042
CVE-2020-25632
RESERVED
- - grub2 <unfixed>
+ - grub2 2.04-16
CVE-2020-25631 (A vulnerability was found in Moodle 3.9 to 3.9.1, 3.8 to 3.8.4
and 3.7 ...)
- moodle <removed>
CVE-2020-25630 (A vulnerability was found in Moodle where the decompressed
size of zip ...)
@@ -59410,7 +59410,7 @@ CVE-2020-14373 (A use after free was found in
igc_reloc_struct_ptr() of psi/igc.
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=702851
CVE-2020-14372
RESERVED
- - grub2 <unfixed>
+ - grub2 2.04-16
CVE-2020-14371
RESERVED
NOT-FOR-US: Red Hat Satellite
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3033f6d68b7823588ac75e202a7e884324dec6f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3033f6d68b7823588ac75e202a7e884324dec6f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
