diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2021-02-04 13:58:23 +0100 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2021-02-04 13:58:23 +0100 |
commit | db7c975212dc06c61c86716701cd0ec35b531189 (patch) | |
tree | 94b593b127f58cc9ab36628a8c87aec535a7333d /data/CVE | |
parent | d9d42b074062f6460f56b5c956540d0404329589 (diff) |
mark some linux issues as <postponed> for buster
podofo unimportant
add openwall refs for nim issues
Diffstat (limited to 'data/CVE')
-rw-r--r-- | data/CVE/2018.list | 6 | ||||
-rw-r--r-- | data/CVE/2019.list | 3 | ||||
-rw-r--r-- | data/CVE/2020.list | 3 |
3 files changed, 8 insertions, 4 deletions
diff --git a/data/CVE/2018.list b/data/CVE/2018.list index a987d2e603..52619b55c6 100644 --- a/data/CVE/2018.list +++ b/data/CVE/2018.list @@ -1137,11 +1137,9 @@ CVE-2018-20799 (In pfSense 2.4.4_1, blocking of source IP addresses on the basis CVE-2018-20798 (The expiretable configuration in pfSense 2.4.4_1 establishes block dur ...) NOT-FOR-US: pfSense CVE-2018-20797 (An issue was discovered in PoDoFo 0.9.6. There is an attempted excessi ...) - - libpodofo <unfixed> (low; bug #923415) - [buster] - libpodofo <no-dsa> (Minor issue) - [stretch] - libpodofo <no-dsa> (Minor issue) - [jessie] - libpodofo <no-dsa> (Minor issue) + - libpodofo <unfixed> (unimportant; bug #923415) NOTE: https://sourceforge.net/p/podofo/tickets/34/ + NOTE: Negligible security impact CVE-2018-20796 (In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limi ...) - glibc <unfixed> (unimportant) - eglibc <removed> (unimportant) diff --git a/data/CVE/2019.list b/data/CVE/2019.list index 78becbe43e..a4b237b449 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -12352,6 +12352,8 @@ CVE-2019-16061 (A number of files on the NETSAS Enigma NMS server 65.0.0 and pri NOT-FOR-US: NETSAS Enigma NMS CVE-2019-16089 (An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_s ...) - linux <unfixed> + [bullseye] - linux <postponed> (Minor issue, revisit when fixed upstream) + [buster] - linux <postponed> (Minor issue, revisit when fixed upstream) [stretch] - linux <not-affected> (Vulnerable code not present) [jessie] - linux <not-affected> (Vulnerable code not present) CVE-2019-16060 (The Airbrake Ruby notifier 4.2.3 for Airbrake mishandles the blacklist ...) @@ -14486,6 +14488,7 @@ CVE-2019-15214 (An issue was discovered in the Linux kernel before 5.0.10. There [stretch] - linux 4.9.184-1 CVE-2019-15213 (An issue was discovered in the Linux kernel before 5.2.3. There is a u ...) - linux <unfixed> + [bullseye] - linux <postponed> (Revisit when correctly fixed upstream) [stretch] - linux <not-affected> (Vulnerable code introduced later) [jessie] - linux <not-affected> (Vulnerable code introduced later) CVE-2019-15212 (An issue was discovered in the Linux kernel before 5.1.8. There is a d ...) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 5f9dc3346b..a352077e7c 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -32989,14 +32989,17 @@ CVE-2020-15694 (In Nim 1.2.4, the standard library httpClient fails to properly - nim 1.2.6-1 [buster] - nim <no-dsa> (Minor issue) [stretch] - nim <no-dsa> (Minor issue) + NOTE: https://www.openwall.com/lists/oss-security/2021/02/04/2 CVE-2020-15693 (In Nim 1.2.4, the standard library httpClient is vulnerable to a CR-LF ...) - nim 1.2.6-1 [buster] - nim <no-dsa> (Minor issue) [stretch] - nim <no-dsa> (Minor issue) + NOTE: https://www.openwall.com/lists/oss-security/2021/02/04/2 CVE-2020-15692 (In Nim 1.2.4, the standard library browsers mishandles the URL argumen ...) - nim 1.2.6-1 [buster] - nim <no-dsa> (Minor issue) [stretch] - nim <no-dsa> (Minor issue) + NOTE: https://www.openwall.com/lists/oss-security/2021/02/04/1 CVE-2020-15691 RESERVED CVE-2020-15690 (In Nim before 1.2.6, the standard library asyncftpclient lacks a check ...) |