Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
94ba48c7 by Moritz Muehlenhoff at 2021-02-14T14:19:32+01:00
NFUs
- - - - -
2 changed files:
- data/CVE/list
- data/dsa-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -69,9 +69,9 @@ CVE-2021-27190 (A Stored Cross Site Scripting(XSS)
Vulnerability was discovered
CVE-2021-27189
RESERVED
CVE-2021-27188 (The Sovremennye Delovye Tekhnologii FX Aggregator terminal
client 1 al ...)
- TODO: check
+ NOT-FOR-US: Sovremennye Delovye Tekhnologii FX Aggregator
CVE-2021-27187 (The Sovremennye Delovye Tekhnologii FX Aggregator terminal
client 1 st ...)
- TODO: check
+ NOT-FOR-US: Sovremennye Delovye Tekhnologii FX Aggregator
CVE-2021-27186 (Fluent Bit 1.6.10 has a NULL pointer dereference when an
flb_malloc re ...)
NOT-FOR-US: Fluent Bit
CVE-2021-27185 (The samba-client package before 4.0.0 for Node.js allows
command injec ...)
@@ -1016,11 +1016,11 @@ CVE-2021-26755
CVE-2021-26754 (wpDataTables before 3.4.1 mishandles order direction for
server-side t ...)
NOT-FOR-US: wpDataTables WordPress plugin
CVE-2021-26753 (NeDi 1.9C allows an authenticated user to inject PHP code in
the Syste ...)
- TODO: check
+ NOT-FOR-US: NeDi
CVE-2021-26752 (NeDi 1.9C allows an authenticated user to execute operating
system com ...)
- TODO: check
+ NOT-FOR-US: NeDi
CVE-2021-26751 (NeDi 1.9C allows an authenticated user to perform a SQL
Injection in t ...)
- TODO: check
+ NOT-FOR-US: NeDi
CVE-2021-26750
RESERVED
CVE-2021-26749
@@ -22563,9 +22563,9 @@ CVE-2020-28647 (In Progress MOVEit Transfer before
2020.1, a malicious user coul
CVE-2020-28646
RESERVED
CVE-2020-28645 (Deleting users with certain names caused system files to be
deleted. R ...)
- TODO: check
+ - owncloud <removed>
CVE-2020-28644 (The CSRF (Cross Site Request Forgery) token check was
improperly imple ...)
- TODO: check
+ - owncloud <removed>
CVE-2020-28643
RESERVED
CVE-2020-28642 (In InfiniteWP Admin Panel before 3.1.12.3,
resetPasswordSendMail gener ...)
@@ -23668,9 +23668,9 @@ CVE-2020-28598
CVE-2020-28597
RESERVED
CVE-2020-28596 (A stack-based buffer overflow vulnerability exists in the
Objparser::o ...)
- TODO: check
+ NOT-FOR-US: PrusaSlicer
CVE-2020-28595 (An out-of-bounds write vulnerability exists in the Obj.cpp
load_obj() ...)
- TODO: check
+ NOT-FOR-US: PrusaSlicer
CVE-2020-28594
RESERVED
CVE-2020-28593
=====================================
data/dsa-needed.txt
=====================================
@@ -24,7 +24,7 @@ linux (carnil)
netty
Markus Koschany possibly can prepare update
--
-php7.3
+php7.3 (jmm)
Maintainer proposed an update via 7.3.27
--
python-pysaml2
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/94ba48c73b705cdd44f7d3f5c453909c11c86c14
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/94ba48c73b705cdd44f7d3f5c453909c11c86c14
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
