diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2021-11-19 17:32:35 +0100 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2021-11-19 17:33:25 +0100 |
commit | 6978d9a75c955babd895935c4c729b41aaae3a8b (patch) | |
tree | 1402b576f5c1394199d4d0871b07b1e3ec4423ba /data | |
parent | 240b8166ae89cad0a812b1ea0decb8f36f7f8eaa (diff) |
buster/bullseye triage
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/2021.list | 12 | ||||
-rw-r--r-- | data/dsa-needed.txt | 2 |
2 files changed, 14 insertions, 0 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list index ed0233e806..708c723e64 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -75,6 +75,8 @@ CVE-2021-3976 CVE-2021-3975 [segmentation fault during VM shutdown can lead to vdsm hung] RESERVED - libvirt 7.6.0-1 + [bullseye] - libvirt <no-dsa> (Minor issue) + [buster] - libvirt <no-dsa> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2024326 NOTE: Fixed by: https://github.com/libvirt/libvirt/commit/1ac703a7d0789e46833f4013a3876c2e3af18ec7 (v7.1.0-rc2) CVE-2021-44025 (Roundcube before 1.3.17 and 1.4.x before 1.4.12 is prone to XSS in han ...) @@ -1192,8 +1194,14 @@ CVE-2021-43520 CVE-2021-43519 (Stack overflow in lua_resume of ldo.c in Lua Interpreter 5.1.0~5.4.4 a ...) - lua5.4 <unfixed> - lua5.3 <unfixed> + [bullseye] - lua5.3 <no-dsa> (Minor issue) + [buster] - lua5.3 <no-dsa> (Minor issue) - lua5.2 <unfixed> + [bullseye] - lua5.2 <no-dsa> (Minor issue) + [buster] - lua5.2 <no-dsa> (Minor issue) - lua5.1 <unfixed> + [bullseye] - lua5.1 <no-dsa> (Minor issue) + [buster] - lua5.1 <no-dsa> (Minor issue) NOTE: http://lua-users.org/lists/lua-l/2021-10/msg00123.html NOTE: http://lua-users.org/lists/lua-l/2021-11/msg00015.html NOTE: Fixed by: https://github.com/lua/lua/commit/74d99057a5146755e737c479850f87fd0e3b6868 @@ -2994,11 +3002,15 @@ CVE-2021-42717 RESERVED CVE-2021-42716 (An issue was discovered in stb stb_image.h 2.27. The PNM loader incorr ...) - libstb <unfixed> + [bullseye] - libstb <no-dsa> (Minor issue) + [buster] - libstb <no-dsa> (Minor issue) NOTE: https://github.com/nothings/stb/issues/1166 NOTE: https://github.com/nothings/stb/issues/1225 NOTE: https://github.com/nothings/stb/pull/1223 CVE-2021-42715 (An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR ...) - libstb <unfixed> + [bullseye] - libstb <no-dsa> (Minor issue) + [buster] - libstb <no-dsa> (Minor issue) NOTE: https://github.com/nothings/stb/issues/1224 NOTE: https://github.com/nothings/stb/pull/1223 CVE-2021-42714 diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt index 7202cb2e52..a17619b0af 100644 --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -55,3 +55,5 @@ trafficserver (jmm) -- varnish -- +wireshark +-- |