Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 94ba48c7 by Moritz Muehlenhoff at 2021-02-14T14:19:32+01:00 NFUs - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -69,9 +69,9 @@ CVE-2021-27190 (A Stored Cross Site Scripting(XSS) Vulnerability was discovered CVE-2021-27189 RESERVED CVE-2021-27188 (The Sovremennye Delovye Tekhnologii FX Aggregator terminal client 1 al ...) - TODO: check + NOT-FOR-US: Sovremennye Delovye Tekhnologii FX Aggregator CVE-2021-27187 (The Sovremennye Delovye Tekhnologii FX Aggregator terminal client 1 st ...) - TODO: check + NOT-FOR-US: Sovremennye Delovye Tekhnologii FX Aggregator CVE-2021-27186 (Fluent Bit 1.6.10 has a NULL pointer dereference when an flb_malloc re ...) NOT-FOR-US: Fluent Bit CVE-2021-27185 (The samba-client package before 4.0.0 for Node.js allows command injec ...) @@ -1016,11 +1016,11 @@ CVE-2021-26755 CVE-2021-26754 (wpDataTables before 3.4.1 mishandles order direction for server-side t ...) NOT-FOR-US: wpDataTables WordPress plugin CVE-2021-26753 (NeDi 1.9C allows an authenticated user to inject PHP code in the Syste ...) - TODO: check + NOT-FOR-US: NeDi CVE-2021-26752 (NeDi 1.9C allows an authenticated user to execute operating system com ...) - TODO: check + NOT-FOR-US: NeDi CVE-2021-26751 (NeDi 1.9C allows an authenticated user to perform a SQL Injection in t ...) - TODO: check + NOT-FOR-US: NeDi CVE-2021-26750 RESERVED CVE-2021-26749 @@ -22563,9 +22563,9 @@ CVE-2020-28647 (In Progress MOVEit Transfer before 2020.1, a malicious user coul CVE-2020-28646 RESERVED CVE-2020-28645 (Deleting users with certain names caused system files to be deleted. R ...) - TODO: check + - owncloud <removed> CVE-2020-28644 (The CSRF (Cross Site Request Forgery) token check was improperly imple ...) - TODO: check + - owncloud <removed> CVE-2020-28643 RESERVED CVE-2020-28642 (In InfiniteWP Admin Panel before 3.1.12.3, resetPasswordSendMail gener ...) @@ -23668,9 +23668,9 @@ CVE-2020-28598 CVE-2020-28597 RESERVED CVE-2020-28596 (A stack-based buffer overflow vulnerability exists in the Objparser::o ...) - TODO: check + NOT-FOR-US: PrusaSlicer CVE-2020-28595 (An out-of-bounds write vulnerability exists in the Obj.cpp load_obj() ...) - TODO: check + NOT-FOR-US: PrusaSlicer CVE-2020-28594 RESERVED CVE-2020-28593 ===================================== data/dsa-needed.txt ===================================== @@ -24,7 +24,7 @@ linux (carnil) netty Markus Koschany possibly can prepare update -- -php7.3 +php7.3 (jmm) Maintainer proposed an update via 7.3.27 -- python-pysaml2 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/94ba48c73b705cdd44f7d3f5c453909c11c86c14 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/94ba48c73b705cdd44f7d3f5c453909c11c86c14 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits