Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: b29b5232 by Salvatore Bonaccorso at 2023-08-05T08:03:28+02:00 Re-associate some older NFUs to now packaged matrix-sydent - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -167209,13 +167209,17 @@ CVE-2021-29435 (trestle-auth is an authentication plugin for the Trestle admin f CVE-2021-29434 (Wagtail is a Django content management system. In affected versions of ...) NOT-FOR-US: wagtail CVE-2021-29433 (Sydent is a reference Matrix identity server. In Sydent versions 2.2.0 ...) - NOT-FOR-US: Matrix Sydent + - matrix-sydent <not-affected> (Fixed before initial upload to Debian) + NOTE: https://github.com/matrix-org/sydent/security/advisories/GHSA-pw4v-gr34-2553 CVE-2021-29432 (Sydent is a reference matrix identity server. A malicious user could a ...) - NOT-FOR-US: Matrix Sydent + - matrix-sydent <not-affected> (Fixed before initial upload to Debian) + NOTE: https://github.com/matrix-org/sydent/security/advisories/GHSA-mh74-4m5g-fcjx CVE-2021-29431 (Sydent is a reference Matrix identity server. Sydent can be induced to ...) - NOT-FOR-US: Matrix Sydent + - matrix-sydent <not-affected> (Fixed before initial upload to Debian) + NOTE: https://github.com/matrix-org/sydent/security/advisories/GHSA-9jhm-8m8c-c3f4 CVE-2021-29430 (Sydent is a reference Matrix identity server. Sydent does not limit th ...) - NOT-FOR-US: Matrix Sydent + - matrix-sydent <not-affected> (Fixed before initial upload to Debian) + NOTE: https://github.com/matrix-org/sydent/security/advisories/GHSA-wmg4-8cp2-hpg9 CVE-2021-29429 (In Gradle before version 7.0, files created with open permissions in t ...) - gradle <unfixed> (bug #987284) [bookworm] - gradle <ignored> (Minor issue) @@ -297953,7 +297957,7 @@ CVE-2019-11342 CVE-2019-11341 (On certain Samsung P(9.0) phones, an attacker with physical access can ...) NOT-FOR-US: Samsung CVE-2019-11340 (util/emailutils.py in Matrix Sydent before 1.0.2 mishandles registrati ...) - NOT-FOR-US: Matrix Sydent + - matrix-sydent <not-affected> (Fixed before initial upload to Debian) CVE-2019-11339 (The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 ...) - ffmpeg 7:4.1.3-1 [stretch] - ffmpeg <not-affected> (Vulnerable code not present) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b29b52322e61d3cc3c0eb908ddf717f41cebe39b -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b29b52322e61d3cc3c0eb908ddf717f41cebe39b You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits