Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: deac0a55 by Moritz Muehlenhoff at 2022-07-11T21:42:19+02:00 bugnums - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -26529,7 +26529,7 @@ CVE-2022-0761 CVE-2022-0760 (The Simple Link Directory WordPress plugin before 7.7.2 does not valid ...) NOT-FOR-US: WordPress plugin CVE-2022-0759 (A flaw was found in all versions of kubeclient up to (but not includin ...) - - ruby-kubeclient <unfixed> + - ruby-kubeclient <unfixed> (bug #1014780) [bullseye] - ruby-kubeclient <no-dsa> (Minor issue) [buster] - ruby-kubeclient <no-dsa> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2058404 @@ -26843,7 +26843,7 @@ CVE-2022-25846 CVE-2022-25845 (The package com.alibaba:fastjson before 1.2.83 are vulnerable to Deser ...) NOT-FOR-US: com.alibaba:fastjson CVE-2022-25844 (The package angular after 1.7.0 are vulnerable to Regular Expression D ...) - - angular.js <unfixed> + - angular.js <unfixed> (bug #1014779) [stretch] - angular.js <ignored> (Nodejs in stretch not covered by security support) NOTE: https://snyk.io/vuln/SNYK-JS-ANGULAR-2772735 CVE-2022-25843 @@ -78398,7 +78398,7 @@ CVE-2021-32753 (EdgeX Foundry is an open source project for building a common op CVE-2021-32752 (Ether Logs is a package that allows one to check one's logs in the Cra ...) NOT-FOR-US: Ether Logs CVE-2021-32751 (Gradle is a build tool with a focus on build automation. In versions p ...) - - gradle <unfixed> + - gradle <unfixed> (bug #1014778) [bullseye] - gradle <ignored> (Minor issue) [buster] - gradle <ignored> (Minor issue) [stretch] - gradle <no-dsa> (Minor issue) 
@@ -79579,7 +79579,7 @@ CVE-2021-32296 CVE-2021-32295 RESERVED CVE-2021-32294 (An issue was discovered in libgig through 20200507. A heap-buffer-over ...) - - libgig <unfixed> + - libgig <unfixed> (bug #1014777) [bullseye] - libgig <ignored> (Minor issue) [buster] - libgig <ignored> (Minor issue) [stretch] - libgig <postponed> (Minor issue, revisit when/if fixed upstream) @@ -100968,7 +100968,7 @@ CVE-2021-23922 (An issue was discovered in Devolutions Remote Desktop Manager be CVE-2021-23921 (An issue was discovered in Devolutions Server before 2020.3. There is ...) NOT-FOR-US: Devolutions Server CVE-2020-36191 (JupyterHub 1.1.0 allows CSRF in the admin panel via a request that lac ...) - - jupyterhub <unfixed> + - jupyterhub <unfixed> (bug #1014774) NOTE: https://github.com/jupyterhub/jupyterhub/issues/3304 CVE-2020-36190 (RailsAdmin (aka rails_admin) before 1.4.3 and 2.x before 2.0.2 allows ...) NOT-FOR-US: RailsAdmin @@ -118799,7 +118799,7 @@ CVE-2020-28590 (An out-of-bounds read vulnerability exists in the Obj File Trian NOTE: https://github.com/slic3r/Slic3r/issues/5074 NOTE: Crash in enduser application, no security impact CVE-2020-28589 (An improper array index validation vulnerability exists in the LoadObj ...) - - tinyobjloader <undetermined> + - tinyobjloader <unfixed> (bug #1014776) NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2020-1212 CVE-2020-28588 (An information disclosure vulnerability exists in the /proc/pid/syscal ...) - linux 5.9.15-1 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/deac0a55ef18280add910102379bbfbbe068531b -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/deac0a55ef18280add910102379bbfbbe068531b You're receiving this email because of your account on salsa.debian.org.
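Review bot: In the last hunk (CVE-2020-28589, tinyobjloader) the line goes from `<undetermined>` to `<unfixed> (bug #1014776)`, so the status itself changes, which the commit message "bugnums" does not cover. Every other hunk only appends a bug reference to a line that was already `<unfixed>`. If the package has now been triaged as affected, mention that in the commit message or split the status change into its own commit, and consider a NOTE recording the basis for the determination, since the entry currently carries only the Talos report link.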
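Review bot: In the CVE-2020-36191 hunk jupyterhub gets `(bug #1014774)`, while the other hunks use #1014776 through #1014780, so #1014775 is not referenced anywhere in this change. Please confirm that report belongs to something outside this commit and that no `<unfixed>` entry was left without its bug number.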
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits