Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: c4f2f279 by Moritz Muehlenhoff at 2021-03-01T14:16:35+01:00 OTRS n/a - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -14907,9 +14907,7 @@ CVE-2021-21437 CVE-2021-21436 (Agents are able to see and link Config Items without permissions, whic ...) NOT-FOR-US: OTRSCIsInCustomerFrontend (OTRS addon) CVE-2021-21435 (Article Bcc fields and agent personal information are shown when custo ...) - - otrs2 <unfixed> (bug #982586) - [buster] - otrs2 <ignored> (Non-free not supported) - [stretch] - otrs2 <ignored> (Non-free not supported) + - otrs2 <not-affected> (Doesn't affect OTRS as packaged in Debian, see bug #982586) NOTE: https://otrs.com/release-notes/otrs-security-advisory-2021-02/ CVE-2021-21434 (Survey administrator can craft a survey in such way that malicious cod ...) NOT-FOR-US: OTRS Survey addon @@ -160478,13 +160476,11 @@ CVE-2018-17439 (An issue was discovered in the HDF HDF5 1.10.3 library. There is NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln5#stack-overflow-in-h5s_extent_get_dims NOTE: https://jira.hdfgroup.org/browse/HDFFV-10589 CVE-2018-17438 (A SIGFPE signal is raised in the function H5D__select_io() of H5Dselec ...) - - hdf5 <unfixed> (low) - [buster] - hdf5 <no-dsa> (Minor issue) - [stretch] - hdf5 <no-dsa> (Minor issue) - [jessie] - hdf5 <ignored> (Minor issue) + - hdf5 1.10.6+repack-1 (unimportant) NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln4#divided-by-zero---poc_h5d__select_io_h5dselect NOTE: https://jira.hdfgroup.org/browse/HDFFV-10587 NOTE: fix in develop branch: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/7add52ff4f2443357648d53d52add274d1b18b5f + NOTE: Negligible security impact CVE-2018-17437 (Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in ...) - hdf5 1.10.6+repack-2 (low) [buster] - hdf5 <no-dsa> (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c4f2f27997735e0ce69c6986ae6cc2a382b65b2f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c4f2f27997735e0ce69c6986ae6cc2a382b65b2f You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits