Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits: a769c069 by Chris Lamb at 2021-09-11T09:19:56+01:00 Triage CVE-2021-40528 in libgcrypt20 for stretch LTS. - - - - - 9dada1b0 by Chris Lamb at 2021-09-11T09:20:31+01:00 Triage CVE-2021-39200 in wordpress for stretch LTS. - - - - - f8c16020 by Chris Lamb at 2021-09-11T09:21:11+01:00 data/dla-needed.txt: Triage tiff for stretch LTS (CVE-2020-19131 & CVE-2020-19144) - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -739,6 +739,7 @@ CVE-2021-40528 (The ElGamal implementation in Libgcrypt before 1.9.4 allows plai - libgcrypt20 1.9.4-2 [bullseye] - libgcrypt20 <no-dsa> (Minor issue) [buster] - libgcrypt20 <no-dsa> (Minor issue) + [stretch] - libgcrypt20 <no-dsa> (Minor issue) NOTE: https://eprint.iacr.org/2021/923 NOTE: https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1 NOTE: https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2 @@ -3800,6 +3801,7 @@ CVE-2021-39201 (WordPress is a free and open-source content management system wr CVE-2021-39200 (WordPress is a free and open-source content management system written ...) - wordpress 5.8.1+dfsg1-1 (bug #994060) [buster] - wordpress <not-affected> (Vulnerable code introduced later in 5.2) + [stretch] - wordpress <no-dsa> (Vulnerable code added later) NOTE: https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-m9hc-7v5q-x8q5 CVE-2021-39199 (remark-html is an open source nodejs library which compiles Markdown t ...) NOT-FOR-US: Node remark-html ===================================== data/dla-needed.txt ===================================== @@ -121,3 +121,5 @@ sssd (Anton Gladky) -- thunderbird (Emilio) -- +tiff +-- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/485d425f12b9ff2697c078c290d50f6585730836...f8c16020b6bf23f113c4db1321a5af9f2eecb4ec -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/485d425f12b9ff2697c078c290d50f6585730836...f8c16020b6bf23f113c4db1321a5af9f2eecb4ec You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits