Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 27ddacb3 by Moritz Mühlenhoff at 2021-04-05T21:36:26+02:00 buster triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -372,7 +372,9 @@ CVE-2021-30002 (An issue was discovered in the Linux kernel before 5.11.3 when a CVE-2021-3481 [Out of bounds read in function QRadialFetchSimd from crafted svg file] RESERVED - qtsvg-opensource-src <unfixed> + [buster] - qtsvg-opensource-src <no-dsa> (Minor issue) - qt4-x11 <removed> + [buster] - qt4-x11 <no-dsa> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1931444 NOTE: https://bugreports.qt.io/browse/QTBUG-91507 NOTE: https://codereview.qt-project.org/gitweb?p=qt%2Fqtsvg.git;a=commit;h=bfd6ee0d8cf34b63d32adf10ed93daa0086b359f (qt/qtsvg/dev) @@ -1631,7 +1633,9 @@ CVE-2021-29377 CVE-2021-29376 (ircII before 20210314 allows remote attackers to cause a denial of ser ...) - ircii-pana <removed> - ircii <unfixed> (bug #986214) + [buster] - ircii <no-dsa> (Minor issue) - scrollz <unfixed> (bug #986215) + [buster] - scrollz <no-dsa> (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2021/03/24/2 CVE-2021-29375 RESERVED @@ -4929,6 +4933,7 @@ CVE-2021-27928 (A remote code execution issue was discovered in MariaDB 10.2 bef NOTE: Fixed in MariaDB: 10.5.9, 10.4.18, 10.3.28, 10.2.27 CVE-2021-27927 (In Zabbix from 4.0.x before 4.0.28rc1, 5.0.0alpha1 before 5.0.10rc1, 5 ...) - zabbix 1:5.0.8+dfsg-1 + [buster] - zabbix <no-dsa> (Minor issue) [stretch] - zabbix <no-dsa> (minor issue) NOTE: https://support.zabbix.com/browse/ZBX-18942 CVE-2021-27926 @@ -35596,6 +35601,7 @@ CVE-2020-27639 (The Bluetooth handset of Mitel MiVoice 6873i, 6930, and 6940 SIP NOT-FOR-US: Mitel CVE-2020-27637 (The R programming language’s default package manager CRAN is aff ...) - r-base 4.0.3-1 + [buster] - r-base <no-dsa> (Minor issue) [stretch] - r-base <no-dsa> (Minor issue) NOTE: https://labs.bishopfox.com/advisories/cran-version-4.0.2 TODO: check details ===================================== data/dsa-needed.txt ===================================== @@ -32,6 +32,8 @@ python-bleach -- python-pysaml2 (jmm) -- +ruby-kramdown (jmm) +-- salt -- tomcat9 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27ddacb39affc4cf62ba8f71a310d8e7f492060e -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27ddacb39affc4cf62ba8f71a310d8e7f492060e You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits