[Git][security-tracker-team/security-tracker][master] 3 commits: Triage CVE-2021-40528 in libgcrypt20 for stretch LTS.

Sat, 11 Sep 2021 01:21:50 -0700 


Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a769c069 by Chris Lamb at 2021-09-11T09:19:56+01:00
Triage CVE-2021-40528 in libgcrypt20 for stretch LTS.

- - - - -
9dada1b0 by Chris Lamb at 2021-09-11T09:20:31+01:00
Triage CVE-2021-39200 in wordpress for stretch LTS.

- - - - -
f8c16020 by Chris Lamb at 2021-09-11T09:21:11+01:00
data/dla-needed.txt: Triage tiff for stretch LTS (CVE-2020-19131 & 
CVE-2020-19144)

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -739,6 +739,7 @@ CVE-2021-40528 (The ElGamal implementation in Libgcrypt 
before 1.9.4 allows plai
        - libgcrypt20 1.9.4-2
        [bullseye] - libgcrypt20 <no-dsa> (Minor issue)
        [buster] - libgcrypt20 <no-dsa> (Minor issue)
+       [stretch] - libgcrypt20 <no-dsa> (Minor issue)
        NOTE: https://eprint.iacr.org/2021/923
        NOTE: 
https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1
        NOTE: 
https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2
@@ -3800,6 +3801,7 @@ CVE-2021-39201 (WordPress is a free and open-source 
content management system wr
 CVE-2021-39200 (WordPress is a free and open-source content management system 
written  ...)
        - wordpress 5.8.1+dfsg1-1 (bug #994060)
        [buster] - wordpress <not-affected> (Vulnerable code introduced later 
in 5.2)
+       [stretch] - wordpress <no-dsa> (Vulnerable code added later)
        NOTE: 
https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-m9hc-7v5q-x8q5
 CVE-2021-39199 (remark-html is an open source nodejs library which compiles 
Markdown t ...)
        NOT-FOR-US: Node remark-html


=====================================
data/dla-needed.txt
=====================================
@@ -121,3 +121,5 @@ sssd (Anton Gladky)
 --
 thunderbird (Emilio)
 --
+tiff
+--



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/485d425f12b9ff2697c078c290d50f6585730836...f8c16020b6bf23f113c4db1321a5af9f2eecb4ec

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/485d425f12b9ff2697c078c290d50f6585730836...f8c16020b6bf23f113c4db1321a5af9f2eecb4ec
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to