Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits: 34122203 by Chris Lamb at 2021-06-13T09:14:46+01:00 Triage CVE-2021-33833 in connman for stretch LTS. - - - - - 0f53edc5 by Chris Lamb at 2021-06-13T09:14:48+01:00 Triage CVE-2019-20790 in opendmarc for stretch LTS. - - - - - 6cdfc4f0 by Chris Lamb at 2021-06-13T09:14:49+01:00 Triage CVE-2021-28965 in ruby2.3 for stretch LTS. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1817,6 +1817,7 @@ CVE-2021-33834 CVE-2021-33833 (ConnMan (aka Connection Manager) 1.30 through 1.39 has a stack-based b ...) - connman 1.36-2.2 (bug #989662) [buster] - connman <no-dsa> (Minor issue) + [stretch] - connman <no-dsa> (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2021/06/09/1 NOTE: https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=eceb2e8d2341c041df55a5e2f047d9a8c491463c CVE-2021-33832 @@ -13475,6 +13476,7 @@ CVE-2021-28965 (The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2. - ruby2.5 <removed> [buster] - ruby2.5 <postponed> (Minor issue, can be fixed along with next update) - ruby2.3 <removed> + [stretch] - ruby2.3 <postponed> (Minor issue; can be fixed in next update) [experimental] - ruby-rexml 3.2.5-1 - ruby-rexml <unfixed> (bug #986806) NOTE: https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/ @@ -82828,6 +82830,7 @@ CVE-2020-12267 (setMarkdown in Qt before 5.14.2 has a use-after-free related to CVE-2019-20790 (OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, ...) - opendmarc 1.4.0~beta1+dfsg-4 (bug #977766) [buster] - opendmarc <no-dsa> (Minor issue) + [stretch] - opendmarc <no-dsa> (Minor issue) NOTE: https://bugs.launchpad.net/pypolicyd-spf/+bug/1838816 NOTE: https://sourceforge.net/p/opendmarc/tickets/235/ NOTE: https://www.usenix.org/system/files/sec20fall_chen-jianjun_prepub_0.pdf View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6fbc62f048793948e4b4fe3541a87d08442368cf...6cdfc4f0b1901dd03480fb0e740f48403f525dbc -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6fbc62f048793948e4b4fe3541a87d08442368cf...6cdfc4f0b1901dd03480fb0e740f48403f525dbc You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits