From 2fa36984f043f286b18ed9540ba37b159aca15ef Mon Sep 17 00:00:00 2001 From: security tracker role Date: Tue, 7 Dec 2021 08:10:11 +0000 Subject: automatic update --- data/CVE/list | 89 +++++++++++++++++++++++++++++++++++++++++++++++------------ 1 file changed, 71 insertions(+), 18 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index 3a2e9eacdf..f2bbb61a64 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,41 @@ +CVE-2021-44692 + RESERVED +CVE-2021-44691 + RESERVED +CVE-2021-44690 + RESERVED +CVE-2021-44689 + RESERVED +CVE-2021-44688 + RESERVED +CVE-2021-44687 + RESERVED +CVE-2021-44686 (calibre before 5.32.0 contains a regular expression that is vulnerable ...) + TODO: check +CVE-2021-44685 (Git-it through 4.4.0 allows OS command injection at the Branches Aren' ...) + TODO: check +CVE-2021-44684 (naholyr github-todos 3.1.0 is vulnerable to command injection. The ran ...) + TODO: check +CVE-2021-44683 + RESERVED +CVE-2021-44682 (An issue (6 of 6) was discovered in Veritas Enterprise Vault through 1 ...) + TODO: check +CVE-2021-44681 (An issue (5 of 6) was discovered in Veritas Enterprise Vault through 1 ...) + TODO: check +CVE-2021-44680 (An issue (4 of 6) was discovered in Veritas Enterprise Vault through 1 ...) + TODO: check +CVE-2021-44679 (An issue (3 of 6) was discovered in Veritas Enterprise Vault through 1 ...) + TODO: check +CVE-2021-44678 (An issue (2 of 6) was discovered in Veritas Enterprise Vault through 1 ...) + TODO: check +CVE-2021-44677 (An issue (1 of 6) was discovered in Veritas Enterprise Vault through 1 ...) + TODO: check +CVE-2021-44676 + RESERVED +CVE-2021-44675 + RESERVED +CVE-2021-4075 (snipe-it is vulnerable to Server-Side Request Forgery (SSRF) ...) + TODO: check CVE-2021-4074 RESERVED CVE-2021-4073 
@@ -267,53 +305,69 @@ CVE-2021-4069 (vim is vulnerable to Use After Free ...) CVE-2021-44548 RESERVED CVE-2021-4068 + RESERVED - chromium [stretch] - chromium (see DSA 4562) CVE-2021-4067 + RESERVED - chromium [stretch] - chromium (see DSA 4562) CVE-2021-4066 + RESERVED - chromium [stretch] - chromium (see DSA 4562) CVE-2021-4065 + RESERVED - chromium [stretch] - chromium (see DSA 4562) CVE-2021-4064 + RESERVED - chromium [stretch] - chromium (see DSA 4562) CVE-2021-4063 + RESERVED - chromium [stretch] - chromium (see DSA 4562) CVE-2021-4062 + RESERVED - chromium [stretch] - chromium (see DSA 4562) CVE-2021-4061 + RESERVED - chromium [stretch] - chromium (see DSA 4562) CVE-2021-4060 RESERVED CVE-2021-4059 + RESERVED - chromium [stretch] - chromium (see DSA 4562) CVE-2021-4058 + RESERVED - chromium [stretch] - chromium (see DSA 4562) CVE-2021-4057 + RESERVED - chromium [stretch] - chromium (see DSA 4562) CVE-2021-4056 + RESERVED - chromium [stretch] - chromium (see DSA 4562) CVE-2021-4055 + RESERVED - chromium [stretch] - chromium (see DSA 4562) CVE-2021-4054 + RESERVED - chromium [stretch] - chromium (see DSA 4562) CVE-2021-4053 + RESERVED - chromium [stretch] - chromium (see DSA 4562) CVE-2021-4052 + RESERVED - chromium [stretch] - chromium (see DSA 4562) CVE-2021-4051 
@@ -413,14 +467,12 @@ CVE-2021-44515 RESERVED CVE-2021-44514 RESERVED -CVE-2021-44513 - RESERVED +CVE-2021-44513 (Insecure creation of temporary directories in tmate-ssh-server 2.3.0 a ...) - tmate-ssh-server (bug #1001225) NOTE: Fixed by: https://github.com/tmate-io/tmate-ssh-server/commit/1c020d1f5ca462f5b150b46a027aaa1bbe3c9596 NOTE: https://www.openwall.com/lists/oss-security/2021/12/06/2 NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1189388 -CVE-2021-44512 - RESERVED +CVE-2021-44512 (World-writable permissions on the /tmp/tmate/sessions directory in tma ...) - tmate-ssh-server (bug #1001225) NOTE: Fixed by: https://github.com/tmate-io/tmate-ssh-server/commit/1c020d1f5ca462f5b150b46a027aaa1bbe3c9596 NOTE: https://www.openwall.com/lists/oss-security/2021/12/06/2 @@ -2438,6 +2490,7 @@ CVE-2021-43786 (Nodebb is an open source Node.js based forum software. In affect CVE-2021-43785 (@joeattardi/emoji-button is a Vanilla JavaScript emoji picker componen ...) NOT-FOR-US: @joeattardi/emoji-button CVE-2021-43784 (runc is a CLI tool for spawning and running containers on Linux accord ...) + {DLA-2841-1} - runc 1.0.3+ds1-1 NOTE: https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f NOTE: https://www.openwall.com/lists/oss-security/2021/12/06/1 @@ -13850,8 +13903,8 @@ CVE-2021-40315 RESERVED CVE-2021-40314 RESERVED -CVE-2021-40313 - RESERVED +CVE-2021-40313 (Piwigo v11.5 was discovered to contain a SQL injection vulnerability v ...) + TODO: check CVE-2021-40312 RESERVED CVE-2021-40311 @@ -14372,8 +14425,8 @@ CVE-2021-40093 RESERVED CVE-2021-40092 RESERVED -CVE-2021-40091 - RESERVED +CVE-2021-40091 (An SSRF issue was discovered in SquaredUp for SCOM 5.2.1.6654. ...) + TODO: check CVE-2021-40090 RESERVED CVE-2021-40089 (An issue was discovered in PrimeKey EJBCA before 7.6.0. The General Pu ...) 
@@ -21136,8 +21189,8 @@ CVE-2021-37300 RESERVED CVE-2021-37299 RESERVED -CVE-2021-37298 - RESERVED +CVE-2021-37298 (Laravel v5.1 was discovered to contain a deserialization vulnerability ...) + TODO: check CVE-2021-37297 RESERVED CVE-2021-37296 @@ -22888,14 +22941,14 @@ CVE-2021-36569 RESERVED CVE-2021-36568 RESERVED -CVE-2021-36567 - RESERVED +CVE-2021-36567 (ThinkPHP v6.0.8 was discovered to contain a deserialization vulnerabil ...) + TODO: check CVE-2021-36566 RESERVED CVE-2021-36565 RESERVED -CVE-2021-36564 - RESERVED +CVE-2021-36564 (ThinkPHP v6.0.8 was discovered to contain a deserialization vulnerabil ...) + TODO: check CVE-2021-36563 (The CheckMK management web console (versions 1.5.0 to 2.0.0) does not ...) - check-mk CVE-2021-36562 @@ -35017,10 +35070,10 @@ CVE-2021-31634 RESERVED CVE-2021-31633 RESERVED -CVE-2021-31632 - RESERVED -CVE-2021-31631 - RESERVED +CVE-2021-31632 (b2evolution CMS v7.2.3 was discovered to contain a SQL injection vulne ...) + TODO: check +CVE-2021-31631 (b2evolution CMS v7.2.3 was discovered to contain a Cross-Site Request ...) + TODO: check CVE-2021-31630 (Command Injection in Open PLC Webserver v3 allows remote attackers to ...) NOT-FOR-US: Open PLC webserver CVE-2021-31629 -- cgit v1.2.3
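Review bot: in the first hunk (@@ -1,3 +1,41 @@), all ten newly described entries (CVE-2021-44686, CVE-2021-44685, CVE-2021-44684, CVE-2021-44682 through CVE-2021-44677, and CVE-2021-4075) land with only "TODO: check", so none is yet mapped to a source package or marked NOT-FOR-US the way CVE-2021-43785 is further down. Each needs a follow-up commit that resolves it one way or the other. The six Veritas Enterprise Vault entries differ only in the "(n of 6)" counter in the truncated text and can be triaged as one batch.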
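Review bot: in the second hunk (@@ -267,53 +305,69 @@), "RESERVED" is added under sixteen entries (CVE-2021-4068 through CVE-2021-4061 and CVE-2021-4059 through CVE-2021-4052) that already carry chromium triage lines, so they now have Debian tracking but no description to check it against. Please confirm that the automatic update keeps the existing chromium lines untouched when the descriptions are published later. Also, CVE-2021-4060 sits in the middle of this range as plain RESERVED with no chromium lines: is it outside the batch on purpose?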
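Review bot: in the tmate-ssh-server hunk (@@ -413,14 +467,12 @@), CVE-2021-44513 and CVE-2021-44512 now describe two distinct problems (insecure creation of temporary directories, and world-writable permissions on /tmp/tmate/sessions) but both point at the same "Fixed by" commit 1c020d1f5ca462f5b150b46a027aaa1bbe3c9596 and the same bug #1001225. It would help to confirm that this single commit addresses both issues and to say so in a NOTE, so that a later backport is not marked complete for one CVE while the other stays open.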
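Review bot: in the ThinkPHP hunk (@@ -22888,14 +22941,14 @@), CVE-2021-36567 and CVE-2021-36564 receive the same truncated description ("ThinkPHP v6.0.8 was discovered to contain a deserialization vulnerabil ..."), so the list alone cannot tell them apart. Whoever resolves the two "TODO: check" lines should read the full CVE texts and, if both are kept, add a NOTE to each stating which component is affected, so the entries are not mistaken for duplicates.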