diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2021-03-01 14:16:35 +0100 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2021-03-01 14:16:35 +0100 |
| commit | f4ea94df30be3d2090594bec229b4964bc9490fd (patch) | |
| tree | 718b67ae582fb8317aee07097caac598f8de865e | |
| parent | 228c2366c40a902734aba327d4bc4e538f59bff9 (diff) | |
OTRS n/a
| -rw-r--r-- | data/CVE/2018.list | 6 | ||||
| -rw-r--r-- | data/CVE/2021.list | 4 |
2 files changed, 3 insertions, 7 deletions
diff --git a/data/CVE/2018.list b/data/CVE/2018.list index 3b32cd7b37..8ffead51c4 100644 --- a/data/CVE/2018.list +++ b/data/CVE/2018.list @@ -10349,13 +10349,11 @@ CVE-2018-17439 (An issue was discovered in the HDF HDF5 1.10.3 library. There is NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln5#stack-overflow-in-h5s_extent_get_dims NOTE: https://jira.hdfgroup.org/browse/HDFFV-10589 CVE-2018-17438 (A SIGFPE signal is raised in the function H5D__select_io() of H5Dselec ...) - - hdf5 <unfixed> (low) - [buster] - hdf5 <no-dsa> (Minor issue) - [stretch] - hdf5 <no-dsa> (Minor issue) - [jessie] - hdf5 <ignored> (Minor issue) + - hdf5 1.10.6+repack-1 (unimportant) NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln4#divided-by-zero---poc_h5d__select_io_h5dselect NOTE: https://jira.hdfgroup.org/browse/HDFFV-10587 NOTE: fix in develop branch: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/7add52ff4f2443357648d53d52add274d1b18b5f + NOTE: Negligible security impact CVE-2018-17437 (Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in ...) - hdf5 1.10.6+repack-2 (low) [buster] - hdf5 <no-dsa> (Minor issue) diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 3e9abef0ce..d2b926fb26 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -13837,9 +13837,7 @@ CVE-2021-21437 CVE-2021-21436 (Agents are able to see and link Config Items without permissions, whic ...) NOT-FOR-US: OTRSCIsInCustomerFrontend (OTRS addon) CVE-2021-21435 (Article Bcc fields and agent personal information are shown when custo ...) - - otrs2 <unfixed> (bug #982586) - [buster] - otrs2 <ignored> (Non-free not supported) - [stretch] - otrs2 <ignored> (Non-free not supported) + - otrs2 <not-affected> (Doesn't affect OTRS as packaged in Debian, see bug #982586) NOTE: https://otrs.com/release-notes/otrs-security-advisory-2021-02/ CVE-2021-21434 (Survey administrator can craft a survey in such way that malicious cod ...) NOT-FOR-US: OTRS Survey addon |