From c53e3aa14b05e9a6d0d0de313e8080d55d95da08 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Moritz=20M=C3=BChlenhoff?= Date: Mon, 27 Dec 2021 23:27:03 +0100 Subject: RPKI updates --- data/CVE/list | 8 ++------ data/dsa-needed.txt | 4 ++-- 2 files changed, 4 insertions(+), 8 deletions(-) (limited to 'data') diff --git a/data/CVE/list b/data/CVE/list index f97b381d41..97df051bed 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -9926,9 +9926,11 @@ CVE-2021-3918 (json-schema is vulnerable to Improperly Controlled Modification o NOTE: https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741 (v0.4.0) CVE-2021-43174 (NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, suppo ...) - routinator (bug #929024) + - cfrpki 1.4.0-1 NOTE: https://www.nlnetlabs.nl/downloads/routinator/CVE-2021-43172_CVE-2021-43173_CVE-2021-43174.txt CVE-2021-43173 (In NLnet Labs Routinator prior to 0.10.2, a validation run can be dela ...) - routinator (bug #929024) + - cfrpki 1.4.0-1 NOTE: https://www.nlnetlabs.nl/downloads/routinator/CVE-2021-43172_CVE-2021-43173_CVE-2021-43174.txt CVE-2021-43172 (NLnet Labs Routinator prior to 0.10.2 happily processes a chain of RRD ...) - routinator (bug #929024) 
@@ -10267,27 +10269,21 @@ CVE-2021-43033 (An issue was discovered in Kaseya Unitrends Backup Appliance bef CVE-2021-3912 (OctoRPKI tries to load the entire contents of a repository in memory, ...) - cfrpki 1.4.0-1 NOTE: https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g9wh-3vrx-r7hg - TODO: check correctness, there is distinction on github.com/cloudflare/cfrpki/cmd/octorpki and github.com/cloudflare/cfrpki/pki CVE-2021-3911 (If the ROA that a repository returns contains too many bits for the IP ...) - cfrpki 1.4.0-1 NOTE: https://github.com/cloudflare/cfrpki/security/advisories/GHSA-w6ww-fmfx-2x22 - TODO: check correctness, there is distinction on github.com/cloudflare/cfrpki/cmd/octorpki and github.com/cloudflare/cfrpki/pki CVE-2021-3910 (OctoRPKI crashes when encountering a repository that returns an invali ...) - cfrpki 1.4.0-1 NOTE: https://github.com/cloudflare/cfrpki/security/advisories/GHSA-5mxh-2qfv-4g7j - TODO: check correctness, there is distinction on github.com/cloudflare/cfrpki/cmd/octorpki and github.com/cloudflare/cfrpki/pki CVE-2021-3909 (OctoRPKI does not limit the length of a connection, allowing for a slo ...) - cfrpki 1.4.0-1 NOTE: https://github.com/cloudflare/cfrpki/security/advisories/GHSA-8cvr-4rrf-f244 - TODO: check correctness, there is distinction on github.com/cloudflare/cfrpki/cmd/octorpki and github.com/cloudflare/cfrpki/pki CVE-2021-3908 (OctoRPKI does not limit the depth of a certificate chain, allowing for ...) - cfrpki 1.4.0-1 NOTE: https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g5gj-9ggf-9vmq - TODO: check correctness, there is distinction on github.com/cloudflare/cfrpki/cmd/octorpki and github.com/cloudflare/cfrpki/pki CVE-2021-3907 (OctoRPKI does not escape a URI with a filename containing "..", this a ...) 
- cfrpki 1.4.0-1 NOTE: https://github.com/cloudflare/cfrpki/security/advisories/GHSA-cqh2-vc2f-q4fh - TODO: check correctness, there is distinction on github.com/cloudflare/cfrpki/cmd/octorpki and github.com/cloudflare/cfrpki/pki CVE-2021-3906 (bookstack is vulnerable to Unrestricted Upload of File with Dangerous ...) NOT-FOR-US: bookstack CVE-2018-25020 (The BPF subsystem in the Linux kernel before 4.17 mishandles situation ...) diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt index 7d0b7a71ea..4ab6d888e9 100644 --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -17,7 +17,7 @@ apache2 (jmm) -- asterisk/oldstable -- -cfrpki +cfrpki (jmm) Maintainer prepared update -- chromium @@ -29,7 +29,7 @@ djvulibre -- faad2/oldstable (jmm) -- -fort-validator +fort-validator (jmm) Maintainer prepared updates -- linux (carnil) -- cgit v1.2.3
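Review bot: In the first data/CVE/list hunk (@@ -9926,9 +9926,11), `- cfrpki 1.4.0-1` is added under CVE-2021-43174 and CVE-2021-43173, but the CVE-2021-43172 entry in the same hunk still shows only `- routinator (bug #929024)`, and the only NOTE on the two changed entries points at the NLnet Labs Routinator advisory. Unless a cfrpki line already exists below the shown context, please record cfrpki's status for CVE-2021-43172 explicitly, fixed or not affected, so the omission does not read as an oversight. For the two entries that gain cfrpki, a NOTE with a cfrpki-side reference would let the 1.4.0-1 fixed version be checked against something other than an advisory whose visible description names only Routinator.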
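Review bot: The second data/CVE/list hunk (@@ -10267,27 +10269,21) removes the six `TODO: check correctness, there is distinction on github.com/cloudflare/cfrpki/cmd/octorpki and github.com/cloudflare/cfrpki/pki` lines from CVE-2021-3907 through CVE-2021-3912 without recording what the check concluded. Neither the remaining entries nor the subject "RPKI updates" says how the cmd/octorpki versus pki question was settled, so a later reader cannot tell whether `- cfrpki 1.4.0-1` was confirmed for each CVE or the TODOs were simply cleared. A short NOTE on the entries, or a sentence in the commit message, stating that 1.4.0-1 was verified as the fixed version for all six would close this out.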