diff options
| author | Moritz Mühlenhoff <jmm@debian.org> | 2021-12-27 23:27:03 +0100 |
|---|---|---|
| committer | Moritz Mühlenhoff <jmm@debian.org> | 2021-12-27 23:27:03 +0100 |
| commit | c53e3aa14b05e9a6d0d0de313e8080d55d95da08 (patch) | |
| tree | ef85c31823bda137e5d45d844c2d3864a6d0e37c /data | |
| parent | 389a533bb800c303dac168eeb1e1ee8ac2f5ff8f (diff) | |
RPKI updates
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list | 8 | ||||
| -rw-r--r-- | data/dsa-needed.txt | 4 |
2 files changed, 4 insertions, 8 deletions
diff --git a/data/CVE/list b/data/CVE/list index f97b381d41..97df051bed 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -9926,9 +9926,11 @@ CVE-2021-3918 (json-schema is vulnerable to Improperly Controlled Modification o NOTE: https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741 (v0.4.0) CVE-2021-43174 (NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, suppo ...) - routinator <itp> (bug #929024) + - cfrpki 1.4.0-1 NOTE: https://www.nlnetlabs.nl/downloads/routinator/CVE-2021-43172_CVE-2021-43173_CVE-2021-43174.txt CVE-2021-43173 (In NLnet Labs Routinator prior to 0.10.2, a validation run can be dela ...) - routinator <itp> (bug #929024) + - cfrpki 1.4.0-1 NOTE: https://www.nlnetlabs.nl/downloads/routinator/CVE-2021-43172_CVE-2021-43173_CVE-2021-43174.txt CVE-2021-43172 (NLnet Labs Routinator prior to 0.10.2 happily processes a chain of RRD ...) - routinator <itp> (bug #929024) @@ -10267,27 +10269,21 @@ CVE-2021-43033 (An issue was discovered in Kaseya Unitrends Backup Appliance bef CVE-2021-3912 (OctoRPKI tries to load the entire contents of a repository in memory, ...) - cfrpki 1.4.0-1 NOTE: https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g9wh-3vrx-r7hg - TODO: check correctness, there is distinction on github.com/cloudflare/cfrpki/cmd/octorpki and github.com/cloudflare/cfrpki/pki CVE-2021-3911 (If the ROA that a repository returns contains too many bits for the IP ...) - cfrpki 1.4.0-1 NOTE: https://github.com/cloudflare/cfrpki/security/advisories/GHSA-w6ww-fmfx-2x22 - TODO: check correctness, there is distinction on github.com/cloudflare/cfrpki/cmd/octorpki and github.com/cloudflare/cfrpki/pki CVE-2021-3910 (OctoRPKI crashes when encountering a repository that returns an invali ...) - cfrpki 1.4.0-1 NOTE: https://github.com/cloudflare/cfrpki/security/advisories/GHSA-5mxh-2qfv-4g7j - TODO: check correctness, there is distinction on github.com/cloudflare/cfrpki/cmd/octorpki and github.com/cloudflare/cfrpki/pki CVE-2021-3909 (OctoRPKI does not limit the length of a connection, allowing for a slo ...) - cfrpki 1.4.0-1 NOTE: https://github.com/cloudflare/cfrpki/security/advisories/GHSA-8cvr-4rrf-f244 - TODO: check correctness, there is distinction on github.com/cloudflare/cfrpki/cmd/octorpki and github.com/cloudflare/cfrpki/pki CVE-2021-3908 (OctoRPKI does not limit the depth of a certificate chain, allowing for ...) - cfrpki 1.4.0-1 NOTE: https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g5gj-9ggf-9vmq - TODO: check correctness, there is distinction on github.com/cloudflare/cfrpki/cmd/octorpki and github.com/cloudflare/cfrpki/pki CVE-2021-3907 (OctoRPKI does not escape a URI with a filename containing "..", this a ...) - cfrpki 1.4.0-1 NOTE: https://github.com/cloudflare/cfrpki/security/advisories/GHSA-cqh2-vc2f-q4fh - TODO: check correctness, there is distinction on github.com/cloudflare/cfrpki/cmd/octorpki and github.com/cloudflare/cfrpki/pki CVE-2021-3906 (bookstack is vulnerable to Unrestricted Upload of File with Dangerous ...) NOT-FOR-US: bookstack CVE-2018-25020 (The BPF subsystem in the Linux kernel before 4.17 mishandles situation ...) diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt index 7d0b7a71ea..4ab6d888e9 100644 --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -17,7 +17,7 @@ apache2 (jmm) -- asterisk/oldstable -- -cfrpki +cfrpki (jmm) Maintainer prepared update -- chromium @@ -29,7 +29,7 @@ djvulibre -- faad2/oldstable (jmm) -- -fort-validator +fort-validator (jmm) Maintainer prepared updates -- linux (carnil) |