Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 64eb78cb by Moritz Muehlenhoff at 2022-02-03T19:45:55+01:00 buster/bullseye triage - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -14112,6 +14112,8 @@ CVE-2021-3980 (elgg is vulnerable to Exposure of Private Personal Information to CVE-2021-3979 [ceph: Ceph volume does not honour osd_dmcrypt_key_size] RESERVED - ceph <unfixed> + [bullseye] - ceph <no-dsa> (Minor issue) + [buster] - ceph <no-dsa> (Minor issue) [stretch] - ceph <no-dsa> (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2022/01/11/5 CVE-2021-44034 @@ -26105,6 +26107,8 @@ CVE-2021-40530 (The ElGamal implementation in Crypto++ through 8.5 allows plaint NOTE: https://github.com/weidai11/cryptopp/commit/bee8e8ca6658 (CRYPTOPP_8_6_0) CVE-2021-40529 (The ElGamal implementation in Botan through 2.18.1, as used in Thunder ...) - botan 2.18.1+dfsg-3 (bug #993840) + [bullseye] - botan <no-dsa> (Minor issue) + [buster] - botan <no-dsa> (Minor issue) - botan1.10 <removed> [stretch] - botan1.10 <ignored> (Affected function encrypt(...) has changed drastically. Backport is too instrusive to backport) NOTE: https://eprint.iacr.org/2021/923 @@ -68090,6 +68094,8 @@ CVE-2021-23728 RESERVED CVE-2021-23727 (This affects the package celery before 5.2.2. It by default trusts the ...) - celery 5.2.3-1 + [bullseye] - celery <no-dsa> (Minor issue) + [buster] - celery <not-affected> (Vulnerable code not present) [stretch] - celery <not-affected> (Vulnerable code introduced later) NOTE: https://github.com/celery/celery/commit/5c3f1559df16c32fb8d82918b4497f688d42ad0a (v5.2.3) NOTE: Introduced by: https://github.com/celery/celery/commit/d20b8a5d469c80f48468e251cbe6451c798d1c29 (4.4.0rc1) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64eb78cb0eb427ad45e0729e36c9456078ea6a38 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64eb78cb0eb427ad45e0729e36c9456078ea6a38 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits