Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: bb901c54 by Salvatore Bonaccorso at 2022-03-24T21:23:16+01:00 Sync upstream tags for clickhouse CVEs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -27042,14 +27042,14 @@ CVE-2021-43306 RESERVED CVE-2021-43305 (Heap buffer overflow in Clickhouse's LZ4 compression codec when parsin ...) - clickhouse <unfixed> (bug #1008216) - NOTE: https://github.com/ClickHouse/ClickHouse/commit/2aea1c8d4a5be320365472052d8a48bf69fd9fe9 (v22.3.2.2-lts) - NOTE: https://github.com/ClickHouse/ClickHouse/commit/6d83eacec42c7c403c99804a713a9d38caa4a45d (v22.3.2.2-lts) + NOTE: https://github.com/ClickHouse/ClickHouse/commit/2aea1c8d4a5be320365472052d8a48bf69fd9fe9 (v21.9.1.7685) + NOTE: https://github.com/ClickHouse/ClickHouse/commit/6d83eacec42c7c403c99804a713a9d38caa4a45d (v21.9.1.7685) NOTE: https://github.com/ClickHouse/ClickHouse/pull/27136 NOTE: https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms/ CVE-2021-43304 (Heap buffer overflow in Clickhouse's LZ4 compression codec when parsin ...) - clickhouse <unfixed> (bug #1008216) - NOTE: https://github.com/ClickHouse/ClickHouse/commit/2aea1c8d4a5be320365472052d8a48bf69fd9fe9 (v22.3.2.2-lts) - NOTE: https://github.com/ClickHouse/ClickHouse/commit/6d83eacec42c7c403c99804a713a9d38caa4a45d (v22.3.2.2-lts) + NOTE: https://github.com/ClickHouse/ClickHouse/commit/2aea1c8d4a5be320365472052d8a48bf69fd9fe9 (v21.9.1.7685) + NOTE: https://github.com/ClickHouse/ClickHouse/commit/6d83eacec42c7c403c99804a713a9d38caa4a45d (v21.9.1.7685) NOTE: https://github.com/ClickHouse/ClickHouse/pull/27136 NOTE: https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms/ CVE-2021-43303 (Buffer overflow in PJSUA API when calling pjsua_call_dump. An attacker ...) @@ -31240,14 +31240,14 @@ CVE-2021-42389 (Divide-by-zero in Clickhouse's Delta compression codec when pars NOTE: https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms/ CVE-2021-42388 (Heap out-of-bounds read in Clickhouse's LZ4 compression codec when par ...) - clickhouse <unfixed> (bug #1008216) - NOTE: https://github.com/ClickHouse/ClickHouse/commit/2aea1c8d4a5be320365472052d8a48bf69fd9fe9 (v22.3.2.2-lts) - NOTE: https://github.com/ClickHouse/ClickHouse/commit/6d83eacec42c7c403c99804a713a9d38caa4a45d (v22.3.2.2-lts) + NOTE: https://github.com/ClickHouse/ClickHouse/commit/2aea1c8d4a5be320365472052d8a48bf69fd9fe9 (v21.9.1.7685) + NOTE: https://github.com/ClickHouse/ClickHouse/commit/6d83eacec42c7c403c99804a713a9d38caa4a45d (v21.9.1.7685) NOTE: https://github.com/ClickHouse/ClickHouse/pull/27136 NOTE: https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms/ CVE-2021-42387 (Heap out-of-bounds read in Clickhouse's LZ4 compression codec when par ...) - clickhouse <unfixed> (bug #1008216) - NOTE: https://github.com/ClickHouse/ClickHouse/commit/2aea1c8d4a5be320365472052d8a48bf69fd9fe9 (v22.3.2.2-lts) - NOTE: https://github.com/ClickHouse/ClickHouse/commit/6d83eacec42c7c403c99804a713a9d38caa4a45d (v22.3.2.2-lts) + NOTE: https://github.com/ClickHouse/ClickHouse/commit/2aea1c8d4a5be320365472052d8a48bf69fd9fe9 (v21.9.1.7685) + NOTE: https://github.com/ClickHouse/ClickHouse/commit/6d83eacec42c7c403c99804a713a9d38caa4a45d (v21.9.1.7685) NOTE: https://github.com/ClickHouse/ClickHouse/pull/27136 NOTE: https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms/ CVE-2021-42386 (A use-after-free in Busybox's awk applet leads to denial of service an ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bb901c54d40609e8c267537ddf431020de7527b5 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bb901c54d40609e8c267537ddf431020de7527b5 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits