[Git][security-tracker-team/security-tracker][master] buster triage

Moritz Muehlenhoff Mon, 05 Apr 2021 12:36:55 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
27ddacb3 by Moritz Mühlenhoff at 2021-04-05T21:36:26+02:00
buster triage

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -372,7 +372,9 @@ CVE-2021-30002 (An issue was discovered in the Linux kernel 
before 5.11.3 when a
 CVE-2021-3481 [Out of bounds read in function QRadialFetchSimd from crafted 
svg file]
        RESERVED
        - qtsvg-opensource-src <unfixed>
+       [buster] - qtsvg-opensource-src <no-dsa> (Minor issue)
        - qt4-x11 <removed>
+       [buster] - qt4-x11 <no-dsa> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1931444
        NOTE: https://bugreports.qt.io/browse/QTBUG-91507
        NOTE: 
https://codereview.qt-project.org/gitweb?p=qt%2Fqtsvg.git;a=commit;h=bfd6ee0d8cf34b63d32adf10ed93daa0086b359f
 (qt/qtsvg/dev)
@@ -1631,7 +1633,9 @@ CVE-2021-29377
 CVE-2021-29376 (ircII before 20210314 allows remote attackers to cause a 
denial of ser ...)
        - ircii-pana <removed>
        - ircii <unfixed> (bug #986214)
+       [buster] - ircii <no-dsa> (Minor issue)
        - scrollz <unfixed> (bug #986215)
+       [buster] - scrollz <no-dsa> (Minor issue)
        NOTE: https://www.openwall.com/lists/oss-security/2021/03/24/2
 CVE-2021-29375
        RESERVED
@@ -4929,6 +4933,7 @@ CVE-2021-27928 (A remote code execution issue was 
discovered in MariaDB 10.2 bef
        NOTE: Fixed in MariaDB: 10.5.9, 10.4.18, 10.3.28, 10.2.27
 CVE-2021-27927 (In Zabbix from 4.0.x before 4.0.28rc1, 5.0.0alpha1 before 
5.0.10rc1, 5 ...)
        - zabbix 1:5.0.8+dfsg-1
+       [buster] - zabbix <no-dsa> (Minor issue)
        [stretch] - zabbix <no-dsa> (minor issue)
        NOTE: https://support.zabbix.com/browse/ZBX-18942
 CVE-2021-27926
@@ -35596,6 +35601,7 @@ CVE-2020-27639 (The Bluetooth handset of Mitel MiVoice 
6873i, 6930, and 6940 SIP
        NOT-FOR-US: Mitel
 CVE-2020-27637 (The R programming language&#8217;s default package manager 
CRAN is aff ...)
        - r-base 4.0.3-1
+       [buster] - r-base <no-dsa> (Minor issue)
        [stretch] - r-base <no-dsa> (Minor issue)
        NOTE: https://labs.bishopfox.com/advisories/cran-version-4.0.2
        TODO: check details


=====================================
data/dsa-needed.txt
=====================================
@@ -32,6 +32,8 @@ python-bleach
 --
 python-pysaml2 (jmm)
 --
+ruby-kramdown (jmm)
+--
 salt
 --
 tomcat9



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27ddacb39affc4cf62ba8f71a310d8e7f492060e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27ddacb39affc4cf62ba8f71a310d8e7f492060e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] buster triage

Reply via email to