diff options
| author | Moritz Mühlenhoff <jmm@debian.org> | 2021-01-10 00:35:19 +0100 |
|---|---|---|
| committer | Moritz Mühlenhoff <jmm@debian.org> | 2021-01-10 00:35:19 +0100 |
| commit | 7a71877c5760f2cadef63ac95be8beb58cf98923 (patch) | |
| tree | 2e04ddf8f6f0cf6353577fd8b4ff644e0253cfa5 /data | |
| parent | afb75122ca422c6b8a1b41cf678be3a9c7d21225 (diff) | |
bullseye triage
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/2012.list | 9 | ||||
| -rw-r--r-- | data/CVE/2013.list | 1 | ||||
| -rw-r--r-- | data/CVE/2017.list | 3 | ||||
| -rw-r--r-- | data/CVE/2018.list | 6 | ||||
| -rw-r--r-- | data/CVE/2020.list | 6 |
5 files changed, 15 insertions, 10 deletions
diff --git a/data/CVE/2012.list b/data/CVE/2012.list index 254bc9d047..a7cd7b0d9b 100644 --- a/data/CVE/2012.list +++ b/data/CVE/2012.list @@ -13815,13 +13815,8 @@ CVE-2012-1097 (The regset (aka register set) feature in the Linux kernel before {DSA-2443-1} - linux-2.6 3.2.10-1 (low) CVE-2012-1096 (NetworkManager 0.9 and earlier allows local users to use other users' ...) - - network-manager <unfixed> (low; bug #684259) - [buster] - network-manager <ignored> (Minor issue) - [stretch] - network-manager <ignored> (Minor issue) - [jessie] - network-manager <ignored> (Minor issue) - [wheezy] - network-manager <ignored> (Minor issue) - [squeeze] - network-manager <no-dsa> (Minor issue) - NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=793329 + NOTE: Design limitation, not treated as a security issue by upstream: + NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=793329#c1 CVE-2012-1095 (osc before 0.134 might allow remote OBS repository servers or package ...) - osc 0.134.0-1 (unimportant) NOTE: This is ultimately a bug in the respectice terminal emulations and not a vulnerability in osc diff --git a/data/CVE/2013.list b/data/CVE/2013.list index d697b9c52b..77fc7bf671 100644 --- a/data/CVE/2013.list +++ b/data/CVE/2013.list @@ -19130,6 +19130,7 @@ CVE-2013-0338 (libxml2 2.9.0 and earlier allows context-dependent attackers to c - libxml2 2.8.0+dfsg1-7+nmu1 (bug #702260) CVE-2013-0337 (The default configuration of nginx, possibly 1.3.13 and earlier, uses ...) - nginx <unfixed> (low; bug #701112) + [bullseye] - nginx <ignored> (Minor issue) [buster] - nginx <ignored> (Minor issue) [stretch] - nginx <ignored> (Minor issue) [jessie] - nginx <ignored> (Minor issue) diff --git a/data/CVE/2017.list b/data/CVE/2017.list index f3897d5930..61d30bcc2c 100644 --- a/data/CVE/2017.list +++ b/data/CVE/2017.list @@ -36681,6 +36681,7 @@ CVE-2017-6272 (NVIDIA GPU Display Driver contains a vulnerability in the kernel [jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) [wheezy] - nvidia-graphics-drivers <end-of-life> (Non-free not supported) - nvidia-graphics-drivers-legacy-340xx <unfixed> + [bullseye] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340) [buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340) [stretch] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported) - nvidia-graphics-drivers-legacy-304xx <unfixed> @@ -36702,6 +36703,7 @@ CVE-2017-6267 (NVIDIA GPU Display Driver contains a vulnerability in the kernel [jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) [wheezy] - nvidia-graphics-drivers <end-of-life> (Non-free not supported) - nvidia-graphics-drivers-legacy-340xx <unfixed> + [bullseye] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340) [buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340) [stretch] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported) - nvidia-graphics-drivers-legacy-304xx <unfixed> @@ -36715,6 +36717,7 @@ CVE-2017-6266 (NVIDIA GPU Display Driver contains a vulnerability in the kernel [jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) [wheezy] - nvidia-graphics-drivers <end-of-life> (Non-free not supported) - nvidia-graphics-drivers-legacy-340xx <unfixed> + [bullseye] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340) [buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340) [stretch] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported) - nvidia-graphics-drivers-legacy-304xx <unfixed> diff --git a/data/CVE/2018.list b/data/CVE/2018.list index 071f1be863..0da75aad89 100644 --- a/data/CVE/2018.list +++ b/data/CVE/2018.list @@ -12,6 +12,7 @@ CVE-2018-21269 (checkpath in OpenRC through 0.42.1 might allow local users to ta [stretch] - openrc <no-dsa> (Minor issue) NOTE: https://github.com/OpenRC/openrc/issues/201 NOTE: http://michael.orlitzky.com/cves/cve-2018-21269.xhtml + NOTE: https://github.com/OpenRC/openrc/commit/b6fef599bf8493480664b766040fa9b0d4b1e335 CVE-2018-21268 (The traceroute (aka node-traceroute) package through 1.0.0 for Node.js ...) NOT-FOR-US: Node traceroute CVE-2018-21267 @@ -39863,7 +39864,8 @@ CVE-2018-6260 (NVIDIA graphics driver contains a vulnerability that may allow ac - nvidia-graphics-drivers-legacy-390xx 390.116-1 [buster] - nvidia-graphics-drivers-legacy-390xx <no-dsa> (Non-free not supported) - nvidia-graphics-drivers-legacy-340xx <unfixed> - [buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported) + [bullseye] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340) + [buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340) [stretch] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported) - nvidia-graphics-drivers-legacy-304xx <unfixed> [stretch] - nvidia-graphics-drivers-legacy-304xx <ignored> (Non-free not supported) @@ -39888,6 +39890,7 @@ CVE-2018-6253 (NVIDIA GPU Display Driver contains a vulnerability in the DirectX [jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) [wheezy] - nvidia-graphics-drivers <end-of-life> (Non-free not supported) - nvidia-graphics-drivers-legacy-340xx <unfixed> + [bullseye] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340) [buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340) [stretch] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported) - nvidia-graphics-drivers-legacy-304xx <unfixed> @@ -39906,6 +39909,7 @@ CVE-2018-6249 (NVIDIA GPU Display Driver contains a vulnerability in kernel mode [jessie] - nvidia-graphics-drivers <no-dsa> (Non-free not supported) [wheezy] - nvidia-graphics-drivers <end-of-life> (Non-free not supported) - nvidia-graphics-drivers-legacy-340xx <unfixed> + [bullseye] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340) [buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340) [stretch] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported) - nvidia-graphics-drivers-legacy-304xx <unfixed> diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 8eac4b976d..82759559ef 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -56997,7 +56997,8 @@ CVE-2020-5967 (NVIDIA Linux GPU Display Driver, all versions, contains a vulnera - nvidia-graphics-drivers-legacy-390xx 390.138-1 (bug #963908) [buster] - nvidia-graphics-drivers-legacy-390xx 390.138-1~deb10u1 - nvidia-graphics-drivers-legacy-340xx <unfixed> - [buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported) + [bullseye] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340) + [buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340) [stretch] - nvidia-graphics-drivers-legacy-340xx <no-dsa> (Non-free not supported) - nvidia-graphics-drivers-legacy-304xx <unfixed> [stretch] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported) @@ -57019,7 +57020,8 @@ CVE-2020-5963 (NVIDIA Windows GPU Display Driver, all versions, contains a vulne - nvidia-graphics-drivers-legacy-390xx 390.138-1 (bug #963908) [buster] - nvidia-graphics-drivers-legacy-390xx 390.138-1~deb10u1 - nvidia-graphics-drivers-legacy-340xx <unfixed> - [buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported) + [bullseye] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340) + [buster] - nvidia-graphics-drivers-legacy-340xx <ignored> (Non-free not supported, no updates provided by Nvidia for 340) [stretch] - nvidia-graphics-drivers-legacy-340xx <no-dsa> (Non-free not supported) - nvidia-graphics-drivers-legacy-304xx <unfixed> [stretch] - nvidia-graphics-drivers-legacy-304xx <no-dsa> (Non-free not supported) |