author | security tracker role <sectracker@soriano.debian.org> | 2021-01-29 20:10:30 +0000 |
---|---|---|
committer | security tracker role <sectracker@soriano.debian.org> | 2021-01-29 20:10:30 +0000 |
commit | f5b779aba6b7e987df73ffb6f5395ca84fd4617e | |
tree | fe1cd9d2dc6bfe09ab84d200683db07e1c6a7d08 | |
parent | afb40543d2a985bd479969fa1716b502c987f680 | |
automatic update
-rw-r--r-- | data/CVE/2018.list | 6 |
-rw-r--r-- | data/CVE/2019.list | 2 |
-rw-r--r-- | data/CVE/2020.list | 25 |
-rw-r--r-- | data/CVE/2021.list | 92 |
4 files changed, 70 insertions, 55 deletions
diff --git a/data/CVE/2018.list b/data/CVE/2018.list index 69f09332ce..a7198d14dd 100644 --- a/data/CVE/2018.list +++ b/data/CVE/2018.list @@ -1,3 +1,9 @@ +CVE-2018-25006 + RESERVED +CVE-2018-25005 + RESERVED +CVE-2018-25004 + RESERVED CVE-2018-25003 RESERVED CVE-2018-25002 (uploader.php in the KCFinder integration project through 2018-06-01 fo ...) diff --git a/data/CVE/2019.list b/data/CVE/2019.list index c262ece6bd..e916fc64c6 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -1,4 +1,4 @@ -CVE-2019-25016 (There is an unsafe incomplete reset of PATH in OpenDoas 6.6 through 6. ...) +CVE-2019-25016 (In OpenDoas from 6.6 to 6.8 the users PATH variable was incorrectly in ...) - doas <itp> (bug #981176) NOTE: https://github.com/Duncaen/OpenDoas/commit/01c658f8c45cb92a343be5f32aa6da70b2032168 NOTE: https://github.com/Duncaen/OpenDoas/issues/45 diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 63fd6f1672..b45414e307 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -1363,8 +1363,7 @@ CVE-2020-35653 (In Pillow before 8.1.0, PcxDecode has a buffer over-read when de NOTE: https://pillow.readthedocs.io/en/stable/releasenotes/8.1.0.html#security NOTE: https://github.com/python-pillow/Pillow/pull/5174 NOTE: https://github.com/python-pillow/Pillow/commit/2f409261eb1228e166868f8f0b5da5cda52e55bf -CVE-2020-35652 [remote crash in res_pjsip_diversion] - RESERVED +CVE-2020-35652 (An issue was discovered in res_pjsip_diversion.c in Sangoma Asterisk b ...) - asterisk 1:16.15.1~dfsg-1 (bug #979372) [buster] - asterisk <no-dsa> (Minor issue) [stretch] - asterisk <no-dsa> (Minor issue) 
@@ -3355,7 +3354,7 @@ CVE-2020-29396 (A sandboxing issue in Odoo Community 11.0 through 13.0 and Odoo NOTE: https://github.com/odoo/odoo/issues/63712 CVE-2020-29395 (The EventON plugin through 3.0.5 for WordPress allows addons/?q= XSS v ...) NOT-FOR-US: EventON plugin for WordPress -CVE-2020-29394 (A buffer overflow in the dlt_filter_load function in dlt_common.c in d ...) +CVE-2020-29394 (A buffer overflow in the dlt_filter_load function in dlt_common.c from ...) - dlt-daemon 2.18.5-0.3 (bug #976228) [buster] - dlt-daemon <no-dsa> (Minor issue) NOTE: https://github.com/GENIVI/dlt-daemon/issues/274 @@ -14238,20 +14237,20 @@ CVE-2020-24672 RESERVED CVE-2020-24671 RESERVED -CVE-2020-24670 - RESERVED -CVE-2020-24669 - RESERVED +CVE-2020-24670 (The Dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x cont ...) + TODO: check +CVE-2020-24669 (The New Analysis Report in Hitachi Vantara Pentaho through 7.x - 8.x c ...) + TODO: check CVE-2020-24668 RESERVED CVE-2020-24667 RESERVED -CVE-2020-24666 - RESERVED -CVE-2020-24665 - RESERVED -CVE-2020-24664 - RESERVED +CVE-2020-24666 (The Analysis Report in Hitachi Vantara Pentaho through 7.x - 8.x conta ...) + TODO: check +CVE-2020-24665 (The Dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x cont ...) + TODO: check +CVE-2020-24664 (The dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x cont ...) + TODO: check CVE-2020-24663 RESERVED CVE-2020-24662 diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 854272012f..dd1a306d59 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list 
@@ -1,10 +1,20 @@ +CVE-2021-3346 (Foris before 101.1.1, as used in Turris OS, lacks certain HTML escapin ...) + TODO: check +CVE-2021-3345 (_gcry_md_block_write in cipher/hash-common.c in Libgcrypt before 1.9.1 ...) + TODO: check +CVE-2021-3344 + RESERVED +CVE-2021-26310 + RESERVED +CVE-2021-26309 + RESERVED CVE-2021-XXXX [libgcrypt heap overflow] [experimental] - libgcrypt20 <unfixed> - libgcrypt20 <not-affected> (Only affected 1.9) NOTE: https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000456.html NOTE: https://dev.gnupg.org/T5275 NOTE: Introduced by: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=e76617cbab018dd8f41fd6b4ec6740b5303f7e13 -CVE-2021-3347 [UAF in futex] +CVE-2021-3347 (An issue was discovered in the Linux kernel through 5.10.11. PI futexe ...) - linux <unfixed> NOTE: https://www.openwall.com/lists/oss-security/2021/01/29/1 CVE-2021-3343 @@ -939,10 +949,10 @@ CVE-2021-25912 RESERVED CVE-2021-25911 RESERVED -CVE-2021-25910 - RESERVED -CVE-2021-25909 - RESERVED +CVE-2021-25910 (Improper Authentication vulnerability in the cookie parameter of ZIV A ...) + TODO: check +CVE-2021-25909 (ZIV Automation 4CCT-EA6-334126BF firmware version 3.23.80.27.36371, al ...) + TODO: check CVE-2021-25908 (An issue was discovered in the fil-ocl crate through 2021-01-04 for Ru ...) NOT-FOR-US: Rust crate fil-ocl CVE-2021-25907 (An issue was discovered in the containers crate before 0.9.11 for Rust ...) 
@@ -2804,38 +2814,38 @@ CVE-2021-25140 RESERVED CVE-2021-25139 RESERVED -CVE-2021-25138 - RESERVED -CVE-2021-25137 - RESERVED -CVE-2021-25136 - RESERVED -CVE-2021-25135 - RESERVED -CVE-2021-25134 - RESERVED -CVE-2021-25133 - RESERVED -CVE-2021-25132 - RESERVED -CVE-2021-25131 - RESERVED -CVE-2021-25130 - RESERVED -CVE-2021-25129 - RESERVED -CVE-2021-25128 - RESERVED -CVE-2021-25127 - RESERVED -CVE-2021-25126 - RESERVED -CVE-2021-25125 - RESERVED -CVE-2021-25124 - RESERVED -CVE-2021-25123 - RESERVED +CVE-2021-25138 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 ...) + TODO: check +CVE-2021-25137 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 ...) + TODO: check +CVE-2021-25136 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 ...) + TODO: check +CVE-2021-25135 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 ...) + TODO: check +CVE-2021-25134 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 ...) + TODO: check +CVE-2021-25133 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 ...) + TODO: check +CVE-2021-25132 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 ...) + TODO: check +CVE-2021-25131 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 ...) + TODO: check +CVE-2021-25130 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 ...) + TODO: check +CVE-2021-25129 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 ...) + TODO: check +CVE-2021-25128 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 ...) + TODO: check +CVE-2021-25127 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 ...) + TODO: check +CVE-2021-25126 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 ...) + TODO: check +CVE-2021-25125 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 ...) 
+ TODO: check +CVE-2021-25124 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 ...) + TODO: check +CVE-2021-25123 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 ...) + TODO: check CVE-2021-25122 RESERVED CVE-2021-25121 @@ -6587,8 +6597,8 @@ CVE-2021-23330 RESERVED CVE-2021-23329 RESERVED -CVE-2021-23328 - RESERVED +CVE-2021-23328 (This affects all versions of package iniparserjs. This vulnerability r ...) + TODO: check CVE-2021-23327 RESERVED CVE-2021-23326 (This affects the package @graphql-tools/git-loader before 6.2.6. The u ...) @@ -12200,8 +12210,8 @@ CVE-2021-20588 RESERVED CVE-2021-20587 RESERVED -CVE-2021-20586 - RESERVED +CVE-2021-20586 (Resource management errors vulnerability in a robot controller of MELF ...) + TODO: check CVE-2021-20585 RESERVED CVE-2021-20584 |
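Review bot: In the @@ -14238,20 hunk of data/CVE/2020.list, CVE-2020-24670 and CVE-2020-24665 arrive with the same truncated text ("The Dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x cont ..."), and CVE-2020-24664 differs only in the capitalisation of "dashboard". The truncated descriptions therefore cannot tell these entries apart, so whoever resolves the five TODO: check markers needs to read the full upstream descriptions before assigning a disposition, rather than triaging from the list file alone.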
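Review bot: In the @@ -1,10 +1,20 hunk of data/CVE/2021.list, the new CVE-2021-3345 entry (Libgcrypt before 1.9.1, TODO: check) lands directly above the untouched placeholder "CVE-2021-XXXX [libgcrypt heap overflow]", which already carries the libgcrypt20 package lines ("Only affected 1.9") and the NOTE references. These look like the same issue tracked twice. A follow-up should move the package annotations and NOTEs under CVE-2021-3345 and drop the placeholder, so the fix status is not split across two entries and the TODO does not linger on an issue that has already been triaged.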
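Review bot: CVE-2021-25123 through CVE-2021-25138 in the @@ -2804,38 hunk of data/CVE/2021.list all enter with an identical truncated description ("The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 ...") and TODO: check, which leaves sixteen entries waiting for manual triage. Handle them as one batch with a single consistent disposition. If no Debian package is affected, the NOT-FOR-US form already used in this file for the neighbouring Rust crate entries ("NOT-FOR-US: Rust crate fil-ocl") is the convention to follow.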