From 41da8e32a0bd94e16386c2eb94ac3827c0cea3ce Mon Sep 17 00:00:00 2001
From: security tracker role <sectracker@soriano.debian.org>
Date: Mon, 1 Nov 2021 08:10:42 +0000
Subject: automatic update

---
 data/CVE/2020.list |  32 ++++-----
 data/CVE/2021.list | 200 +++++++++++++++++++++++++++++++++++++++++++++++++----
 2 files changed, 204 insertions(+), 28 deletions(-)

diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 6a232e7adb..439bd856f1 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -313,18 +313,18 @@ CVE-2020-36385 (An issue was discovered in the Linux kernel before 5.10. drivers
 	NOTE: https://git.kernel.org/linus/f5449e74802c1112dea984aec8af7a33c4516af1
 CVE-2020-36382 (OpenVPN Access Server 2.7.3 to 2.8.7 allows remote attackers to trigge ...)
 	NOT-FOR-US: OpenVPN Access Server (security impact for src:openvpn covered by CVE-2020-15078)
-CVE-2020-36381
-	RESERVED
-CVE-2020-36380
-	RESERVED
-CVE-2020-36379
-	RESERVED
-CVE-2020-36378
-	RESERVED
-CVE-2020-36377
-	RESERVED
-CVE-2020-36376
-	RESERVED
+CVE-2020-36381 (An issue was discovered in the singleCrunch function in shenzhim aaptj ...)
+	TODO: check
+CVE-2020-36380 (An issue was discovered in the crunch function in shenzhim aaptjs 1.3. ...)
+	TODO: check
+CVE-2020-36379 (An issue was discovered in the remove function in shenzhim aaptjs 1.3. ...)
+	TODO: check
+CVE-2020-36378 (An issue was discovered in the packageCmd function in shenzhim aaptjs  ...)
+	TODO: check
+CVE-2020-36377 (An issue was discovered in the dump function in shenzhim aaptjs 1.3.1, ...)
+	TODO: check
+CVE-2020-36376 (An issue was discovered in the list function in shenzhim aaptjs 1.3.1, ...)
+	TODO: check
 CVE-2020-36375 (Stack overflow vulnerability in parse_equality Cesanta MJS 1.20.1, all ...)
 	NOT-FOR-US: Cesanta MJS
 CVE-2020-36374 (Stack overflow vulnerability in parse_comparison Cesanta MJS 1.20.1, a ...)
@@ -10596,12 +10596,12 @@ CVE-2020-26709
 	RESERVED
 CVE-2020-26708
 	RESERVED
-CVE-2020-26707
-	RESERVED
+CVE-2020-26707 (An issue was discovered in the add function in Shenzhim AAPTJS 1.3.1 w ...)
+	TODO: check
 CVE-2020-26706
 	RESERVED
-CVE-2020-26705
-	RESERVED
+CVE-2020-26705 (The parseXML function in Easy-XML 0.5.0 was discovered to have a XML E ...)
+	TODO: check
 CVE-2020-26704
 	RESERVED
 CVE-2020-26703
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 04753304df..d54140df2a 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -1,3 +1,181 @@
+CVE-2021-43171
+	RESERVED
+CVE-2021-43170
+	RESERVED
+CVE-2021-43169
+	RESERVED
+CVE-2021-43168
+	RESERVED
+CVE-2021-43167
+	RESERVED
+CVE-2021-43166
+	RESERVED
+CVE-2021-43165
+	RESERVED
+CVE-2021-43164
+	RESERVED
+CVE-2021-43163
+	RESERVED
+CVE-2021-43162
+	RESERVED
+CVE-2021-43161
+	RESERVED
+CVE-2021-43160
+	RESERVED
+CVE-2021-43159
+	RESERVED
+CVE-2021-43158
+	RESERVED
+CVE-2021-43157
+	RESERVED
+CVE-2021-43156
+	RESERVED
+CVE-2021-43155
+	RESERVED
+CVE-2021-43154
+	RESERVED
+CVE-2021-43153
+	RESERVED
+CVE-2021-43152
+	RESERVED
+CVE-2021-43151
+	RESERVED
+CVE-2021-43150
+	RESERVED
+CVE-2021-43149
+	RESERVED
+CVE-2021-43148
+	RESERVED
+CVE-2021-43147
+	RESERVED
+CVE-2021-43146
+	RESERVED
+CVE-2021-43145
+	RESERVED
+CVE-2021-43144
+	RESERVED
+CVE-2021-43143
+	RESERVED
+CVE-2021-43142
+	RESERVED
+CVE-2021-43141
+	RESERVED
+CVE-2021-43140
+	RESERVED
+CVE-2021-43139
+	RESERVED
+CVE-2021-43138
+	RESERVED
+CVE-2021-43137
+	RESERVED
+CVE-2021-43136
+	RESERVED
+CVE-2021-43135
+	RESERVED
+CVE-2021-43134
+	RESERVED
+CVE-2021-43133
+	RESERVED
+CVE-2021-43132
+	RESERVED
+CVE-2021-43131
+	RESERVED
+CVE-2021-43130
+	RESERVED
+CVE-2021-43129
+	RESERVED
+CVE-2021-43128
+	RESERVED
+CVE-2021-43127
+	RESERVED
+CVE-2021-43126
+	RESERVED
+CVE-2021-43125
+	RESERVED
+CVE-2021-43124
+	RESERVED
+CVE-2021-43123
+	RESERVED
+CVE-2021-43122
+	RESERVED
+CVE-2021-43121
+	RESERVED
+CVE-2021-43120
+	RESERVED
+CVE-2021-43119
+	RESERVED
+CVE-2021-43118
+	RESERVED
+CVE-2021-43117
+	RESERVED
+CVE-2021-43116
+	RESERVED
+CVE-2021-43115
+	RESERVED
+CVE-2021-43114
+	RESERVED
+CVE-2021-43113
+	RESERVED
+CVE-2021-43112
+	RESERVED
+CVE-2021-43111
+	RESERVED
+CVE-2021-43110
+	RESERVED
+CVE-2021-43109
+	RESERVED
+CVE-2021-43108
+	RESERVED
+CVE-2021-43107
+	RESERVED
+CVE-2021-43106
+	RESERVED
+CVE-2021-43105
+	RESERVED
+CVE-2021-43104
+	RESERVED
+CVE-2021-43103
+	RESERVED
+CVE-2021-43102
+	RESERVED
+CVE-2021-43101
+	RESERVED
+CVE-2021-43100
+	RESERVED
+CVE-2021-43099
+	RESERVED
+CVE-2021-43098
+	RESERVED
+CVE-2021-43097
+	RESERVED
+CVE-2021-43096
+	RESERVED
+CVE-2021-43095
+	RESERVED
+CVE-2021-43094
+	RESERVED
+CVE-2021-43093
+	RESERVED
+CVE-2021-43092
+	RESERVED
+CVE-2021-43091
+	RESERVED
+CVE-2021-43090
+	RESERVED
+CVE-2021-43089
+	RESERVED
+CVE-2021-43088
+	RESERVED
+CVE-2021-43087
+	RESERVED
+CVE-2021-43086
+	RESERVED
+CVE-2021-43085
+	RESERVED
+CVE-2021-43084
+	RESERVED
+CVE-2021-3916
+	RESERVED
 CVE-2021-43083
 	RESERVED
 CVE-2021-43082
@@ -855,8 +1033,8 @@ CVE-2021-42696
 	RESERVED
 CVE-2021-42695
 	RESERVED
-CVE-2021-42694
-	RESERVED
+CVE-2021-42694 (An issue was discovered in the character definitions of the Unicode Sp ...)
+	TODO: check
 CVE-2021-42693
 	RESERVED
 CVE-2021-42692
@@ -1095,8 +1273,7 @@ CVE-2021-42576 (The bluemonday sanitizer before 1.0.16 for Go, and before 0.0.8
 	NOT-FOR-US: bluemonday sanitizer
 CVE-2021-42575 (The OWASP Java HTML Sanitizer before 20211018.1 does not properly enfo ...)
 	NOT-FOR-US: OWASP HTML Sanitizer
-CVE-2021-42574
-	RESERVED
+CVE-2021-42574 (An issue was discovered in the Bidirectional Algorithm in the Unicode  ...)
 	- rustc <unfixed>
 	[bullseye] - rustc <no-dsa> (Minor issue)
 	[buster] - rustc <no-dsa> (Minor issue)
@@ -3946,8 +4123,8 @@ CVE-2021-3813
 	RESERVED
 CVE-2021-41314 (Certain NETGEAR smart switches are affected by a \n injection in the w ...)
 	NOT-FOR-US: NETGEAR
-CVE-2021-41313
-	RESERVED
+CVE-2021-41313 (Affected versions of Atlassian Jira Server and Data Center allow authe ...)
+	TODO: check
 CVE-2021-41312
 	RESERVED
 CVE-2021-41311
@@ -6216,8 +6393,7 @@ CVE-2021-40350 (webctrl.cgi.elf on Christie Digital DWU850-GS V06.46 devices all
 	NOT-FOR-US: Christie Digital DWU850-GS V06.46 devices
 CVE-2021-40349 (e7d Speed Test (aka speedtest) 0.5.3 allows a path-traversal attack th ...)
 	NOT-FOR-US: e7d Speed Test
-CVE-2021-40348
-	RESERVED
+CVE-2021-40348 (Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code inj ...)
 	NOT-FOR-US: Uyuni / Spacewalk (Red Hat)
 CVE-2021-40347 (An issue was discovered in views/list.py in GNU Mailman Postorius befo ...)
 	{DSA-4970-1}
@@ -52718,10 +52894,10 @@ CVE-2021-20841
 	RESERVED
 CVE-2021-20840
 	RESERVED
-CVE-2021-20839
-	RESERVED
-CVE-2021-20838
-	RESERVED
+CVE-2021-20839 (Office Server Document Converter V7.2MR4 and earlier and V7.1MR7 and e ...)
+	TODO: check
+CVE-2021-20838 (Office Server Document Converter V7.2MR4 and earlier and V7.1MR7 and e ...)
+	TODO: check
 CVE-2021-20837 (Movable Type 7 r.5002 and earlier (Movable Type 7 Series), Movable Typ ...)
 	- movabletype-opensource <removed>
 CVE-2021-20836 (Out-of-bounds read vulnerability in CX-Supervisor v4.0.0.13 and v4.0.0 ...)
-- 
cgit v1.2.3