Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: e3033f6d by Salvatore Bonaccorso at 2021-03-02T19:42:01+01:00 grub2 issues fixed in unstable - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -18468,7 +18468,7 @@ CVE-2021-20234 [Memory leak in client induced by malicious server without CURVE/ NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22123 CVE-2021-20233 RESERVED - - grub2 <unfixed> + - grub2 2.04-16 CVE-2021-20232 RESERVED CVE-2021-20231 @@ -18506,7 +18506,7 @@ CVE-2021-20226 (A use-after-free flaw was found in the io_uring in Linux kernel, NOTE: https://www.zerodayinitiative.com/advisories/ZDI-21-001/ CVE-2021-20225 RESERVED - - grub2 <unfixed> + - grub2 2.04-16 CVE-2021-20224 RESERVED CVE-2021-20223 @@ -29214,7 +29214,7 @@ CVE-2020-27780 (A flaw was found in Linux-Pam in versions prior to 1.5.1 in the NOTE: Fixed by: https://github.com/linux-pam/linux-pam/commit/30fdfb90d9864bcc254a62760aaa149d373fd4eb CVE-2020-27779 RESERVED - - grub2 <unfixed> + - grub2 2.04-16 CVE-2020-27778 (A flaw was found in Poppler in the way certain PDF files were converte ...) - poppler 0.85.0-2 [buster] - poppler <postponed> (Minor issue) @@ -29415,7 +29415,7 @@ CVE-2020-27750 (A flaw was found in ImageMagick in MagickCore/colorspace-private NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/c7038e710ad0204d6cb37a0229fc55f6f8a8662f CVE-2020-27749 RESERVED - - grub2 <unfixed> + - grub2 2.04-16 CVE-2020-27748 [local file inclusion vulnerability] RESERVED - xdg-utils <unfixed> (bug #975370) @@ -34790,7 +34790,7 @@ CVE-2020-25648 (A flaw was found in the way NSS handled CCS (ChangeCipherSpec) m NOTE: Fixed by: https://hg.mozilla.org/projects/nss/rev/57bbefa793232586d27cee83e74411171e128361 CVE-2020-25647 RESERVED - - grub2 <unfixed> + - grub2 2.04-16 CVE-2020-25646 (A flaw was found in Ansible Collection community.crypto. openssl_priva ...) TODO: check CVE-2020-25645 (A flaw was found in the Linux kernel in versions before 5.9-rc7. Traff ...) @@ -34848,7 +34848,7 @@ CVE-2020-25633 (A flaw was found in RESTEasy client in all versions of RESTEasy NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1879042 CVE-2020-25632 RESERVED - - grub2 <unfixed> + - grub2 2.04-16 CVE-2020-25631 (A vulnerability was found in Moodle 3.9 to 3.9.1, 3.8 to 3.8.4 and 3.7 ...) - moodle <removed> CVE-2020-25630 (A vulnerability was found in Moodle where the decompressed size of zip ...) @@ -59410,7 +59410,7 @@ CVE-2020-14373 (A use after free was found in igc_reloc_struct_ptr() of psi/igc. NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=702851 CVE-2020-14372 RESERVED - - grub2 <unfixed> + - grub2 2.04-16 CVE-2020-14371 RESERVED NOT-FOR-US: Red Hat Satellite View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3033f6d68b7823588ac75e202a7e884324dec6f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e3033f6d68b7823588ac75e202a7e884324dec6f You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits