[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Wed, 31 Mar 2021 01:10:49 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
4e809321 by security tracker role at 2021-03-31T08:10:28+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,23 @@
+CVE-2021-29653
+       RESERVED
+CVE-2021-29652
+       RESERVED
+CVE-2021-29651
+       RESERVED
+CVE-2021-29650 (An issue was discovered in the Linux kernel before 5.11.11. 
The netfil ...)
+       TODO: check
+CVE-2021-29649 (An issue was discovered in the Linux kernel before 5.11.11. 
The user m ...)
+       TODO: check
+CVE-2021-29648 (An issue was discovered in the Linux kernel before 5.11.11. 
The BPF su ...)
+       TODO: check
+CVE-2021-29647 (An issue was discovered in the Linux kernel before 5.11.11. 
qrtr_recvm ...)
+       TODO: check
+CVE-2021-29646 (An issue was discovered in the Linux kernel before 5.11.11. 
tipc_nl_re ...)
+       TODO: check
+CVE-2020-36285
+       RESERVED
+CVE-2020-36284
+       RESERVED
 CVE-2021-3480
        RESERVED
 CVE-2021-3479 [Out-of-memory caused by allocation of a very large buffer]
@@ -19829,8 +19849,8 @@ CVE-2021-21415
        RESERVED
 CVE-2021-21414
        RESERVED
-CVE-2021-21413
-       RESERVED
+CVE-2021-21413 (isolated-vm is a library for nodejs which gives you access to 
v8's Iso ...)
+       TODO: check
 CVE-2021-21412 (Potential for arbitrary code execution in npm package 
@thi.ng/egf `#gp ...)
        TODO: check
 CVE-2021-21411 (OAuth2-Proxy is an open source reverse proxy that provides 
authenticat ...)
@@ -40775,8 +40795,8 @@ CVE-2020-24997
 CVE-2020-24996 (There is an invalid memory access in the function 
TextString::~TextStr ...)
        - xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
        NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=42028
-CVE-2020-24995
-       RESERVED
+CVE-2020-24995 (Buffer overflow vulnerability in sniff_channel_order function 
in aacde ...)
+       TODO: check
 CVE-2020-24994 (Stack overflow in the parse_tag function in libass/ass_parse.c 
in liba ...)
        - libass 1:0.15.0-1
        [buster] - libass <no-dsa> (Minor issue)
@@ -42109,8 +42129,8 @@ CVE-2020-24392 (In voloko twitter-stream 0.1.10, 
missing TLS hostname validation
        [buster] - ruby-twitter-stream <no-dsa> (Minor issue)
        [stretch] - ruby-twitter-stream <no-dsa> (Minor issue)
        NOTE: 
https://securitylab.github.com/advisories/GHSL-2020-097-voloko-twitter-stream
-CVE-2020-24391
-       RESERVED
+CVE-2020-24391 (mongo-express before 1.0.0 offers support for certain advanced 
syntax  ...)
+       TODO: check
 CVE-2020-24390 (eonweb in EyesOfNetwork before 5.3-7 does not properly escape 
the user ...)
        NOT-FOR-US: EyesOfNetwork (EON)
 CVE-2020-24389



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e809321207b9eb83545759afae904fc246e4d1c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e809321207b9eb83545759afae904fc246e4d1c
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to