Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 95c8fc70 by Moritz Muehlenhoff at 2021-05-17T12:51:38+02:00 record updated version number for nim issues - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -28251,20 +28251,23 @@ CVE-2021-21375 (PJSIP is a free and open source multimedia communication library NOTE: https://github.com/pjsip/pjproject/security/advisories/GHSA-hvq6-f89p-frvp NOTE: https://github.com/pjsip/pjproject/commit/97b3d7addbaa720b7ddb0af9bf6f3e443e664365 CVE-2021-21374 (Nimble is a package manager for the Nim programming language. In Nim r ...) - - nim 1.4.6-1 (bug #987272) + - nim 1.4.6+really1.4.2-1 (bug #987272) [buster] - nim <no-dsa> (Minor issue) [stretch] - nim <postponed> (Minor issue; can be fixed in next update) NOTE: https://consensys.net/diligence/vulnerabilities/nim-insecure-ssl-tls-defaults-remote-code-execution/ + NOTE: Initially fixed in 1.4.6-1, but then reverted to 1.4.2 due to bullseye freeze CVE-2021-21373 (Nimble is a package manager for the Nim programming language. In Nim r ...) - - nim 1.4.6-1 (bug #987272) + - nim 1.4.6+really1.4.2-1 (bug #987272) [buster] - nim <no-dsa> (Minor issue) [stretch] - nim <postponed> (Minor issue; can be fixed in next update) NOTE: https://consensys.net/diligence/vulnerabilities/nim-insecure-ssl-tls-defaults-remote-code-execution/ + NOTE: Initially fixed in 1.4.6-1, but then reverted to 1.4.2 due to bullseye freeze CVE-2021-21372 (Nimble is a package manager for the Nim programming language. In Nim r ...) - - nim 1.4.6-1 (bug #987272) + - nim 1.4.6+really1.4.2-1 (bug #987272) [buster] - nim <no-dsa> (Minor issue) [stretch] - nim <postponed> (Minor issue; can be fixed in next update) NOTE: https://consensys.net/diligence/vulnerabilities/nim-insecure-ssl-tls-defaults-remote-code-execution/ + NOTE: Initially fixed in 1.4.6-1, but then reverted to 1.4.2 due to bullseye freeze CVE-2021-21371 (Tenable for Jira Cloud is an open source project designed to pull Tena ...) NOT-FOR-US: Tenable for Jira Cloud CVE-2021-21370 (TYPO3 is an open source PHP based web content management system. In TY ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/95c8fc70f86bde857d3b5fcf0990fb4ab7efa585 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/95c8fc70f86bde857d3b5fcf0990fb4ab7efa585 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits