Merge in changes accepted for bullseye 11.2

author: Salvatore Bonaccorso <carnil@debian.org> 2021-12-18 10:51:34 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-12-18 10:51:34 +0100
commit: 7cc11078297cfcb801360bdb83df8569c30ac041 (patch)
tree: 0eb7bbee3e7699de98728a8e4cdf9e905fbb817c
parent: b2cd61199195bc02021432ce71f4b8e07cf78044 (diff)
4 files changed, 36 insertions, 100 deletions
diff --git a/data/CVE/list.2019 b/data/CVE/list.2019
index d28a0fff7b..9fc5481104 100644
--- a/data/CVE/list.2019
+++ b/data/CVE/list.2019
@@ -26152,7 +26152,7 @@ CVE-2019-11099
 CVE-2019-11098 (Insufficient input validation in MdeModulePkg in EDKII may allow an un ...)
 	[experimental] - edk2 2021.02-1
 	- edk2 2020.11-5 (bug #991495)
-	[bullseye] - edk2 <no-dsa> (Minor issue)
+	[bullseye] - edk2 2020.11-2+deb11u1
 	[buster] - edk2 <no-dsa> (Minor issue)
 	[stretch] - edk2 <no-dsa> (Minor issue)
 	NOTE: https://edk2-docs.gitbook.io/security-advisory/bootguard-toctou-vulnerability
diff --git a/data/CVE/list.2020 b/data/CVE/list.2020
index 8cd46829f4..1545f614ac 100644
--- a/data/CVE/list.2020
+++ b/data/CVE/list.2020
@@ -6797,7 +6797,7 @@ CVE-2020-28283 (Prototype pollution vulnerability in 'libnested' versions 0.0.0
 	NOT-FOR-US: libnested
 CVE-2020-28282 (Prototype pollution vulnerability in 'getobject' version 0.1.0 allows  ...)
 	- node-getobject 1.0.2-1
-	[bullseye] - node-getobject <no-dsa> (Minor issue)
+	[bullseye] - node-getobject 0.1.0-2+deb11u1
 	[buster] - node-getobject <no-dsa> (Minor issue)
 	[stretch] - node-getobject <no-dsa> (Minor issue)
 	NOTE: https://github.com/cowboy/node-getobject/commit/84071748fa407caa8f824e0d0b9c1cde9ec56633 (v1.0.0)
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 4560955288..befa62e4aa 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -1008,6 +1008,7 @@ CVE-2021-44717
 	RESERVED
 	- golang-1.17 1.17.5-1
 	- golang-1.15 1.15.15-5
+	[bullseye] - golang-1.15 1.15.15-1~deb11u2
 	- golang-1.11 <removed>
 	- golang-1.8 <removed>
 	- golang-1.7 <removed>
@@ -1019,6 +1020,7 @@ CVE-2021-44716
 	RESERVED
 	- golang-1.17 1.17.5-1
 	- golang-1.15 1.15.15-5
+	[bullseye] - golang-1.15 1.15.15-1~deb11u2
 	- golang-1.11 <removed>
 	- golang-1.8 <removed>
 	- golang-1.7 <removed>
@@ -1471,14 +1473,14 @@ CVE-2021-44543
 	RESERVED
 	{DLA-2844-1}
 	- privoxy 3.0.33-1
-	[bullseye] - privoxy <no-dsa> (Minor issue)
+	[bullseye] - privoxy 3.0.32-2+deb11u1
 	[buster] - privoxy <no-dsa> (Minor issue)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/12/09/1
 	NOTE: https://www.privoxy.org/gitweb/?p=privoxy.git;a=commit;h=0e668e9409cbf4ab8bf2d79be204bd4e81a00d85 (v_3_0_33)
 CVE-2021-44542
 	RESERVED
 	- privoxy 3.0.33-1
-	[bullseye] - privoxy <no-dsa> (Minor issue)
+	[bullseye] - privoxy 3.0.32-2+deb11u1
 	[buster] - privoxy <not-affected> (Vulnerable code introduced in 3.0.29)
 	[stretch] - privoxy <not-affected> (Vulnerable code introduced in 3.0.29)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/12/09/1
@@ -1486,7 +1488,7 @@ CVE-2021-44542
 CVE-2021-44541
 	RESERVED
 	- privoxy 3.0.33-1
-	[bullseye] - privoxy <no-dsa> (Minor issue)
+	[bullseye] - privoxy 3.0.32-2+deb11u1
 	[buster] - privoxy <not-affected> (Vulnerable code introduced in 3.0.29)
 	[stretch] - privoxy <not-affected> (Vulnerable code introduced in 3.0.29)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/12/09/1
@@ -1495,7 +1497,7 @@ CVE-2021-44540
 	RESERVED
 	{DLA-2844-1}
 	- privoxy 3.0.33-1
-	[bullseye] - privoxy <no-dsa> (Minor issue)
+	[bullseye] - privoxy 3.0.32-2+deb11u1
 	[buster] - privoxy <no-dsa> (Minor issue)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/12/09/1
 	NOTE: https://www.privoxy.org/gitweb/?p=privoxy.git;a=commit;h=652b4b7cb07592c0912cf938a50fcd009fa29a0a (v_3_0_33)
@@ -1817,7 +1819,7 @@ CVE-2021-44421
 	RESERVED
 CVE-2021-44420 (In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, ...)
 	- python-django 2:3.2.10-1
-	[bullseye] - python-django <no-dsa> (Minor issue)
+	[bullseye] - python-django 2:2.2.25-1~deb11u1
 	[buster] - python-django <no-dsa> (Minor issue)
 	[stretch] - python-django <not-affected> (Vulnerable code not present; path converters added later)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/12/07/1
@@ -2264,7 +2266,7 @@ CVE-2021-4022
 	RESERVED
 CVE-2021-44225 (In Keepalived through 2.2.4, the D-Bus policy does not sufficiently re ...)
 	- keepalived 1:2.2.4-0.2
-	[bullseye] - keepalived <no-dsa> (Minor issue)
+	[bullseye] - keepalived 1:2.1.5-0.2+deb11u1
 	[buster] - keepalived <no-dsa> (Minor issue)
 	[stretch] - keepalived <no-dsa> (Minor issue)
 	NOTE: https://github.com/acassen/keepalived/pull/2063
@@ -3721,7 +3723,7 @@ CVE-2021-43619
 CVE-2021-43618 (GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an m ...)
 	{DLA-2837-1}
 	- gmp 2:6.2.1+dfsg-3 (bug #994405)
-	[bullseye] - gmp <no-dsa> (Minor issue)
+	[bullseye] - gmp 2:6.2.1+dfsg-1+deb11u1
 	[buster] - gmp <no-dsa> (Minor issue)
 	NOTE: https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html
 	NOTE: https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e
@@ -3744,7 +3746,7 @@ CVE-2021-43613
 CVE-2021-43612 [crash in SONMP decoder]
 	RESERVED
 	- lldpd 1.0.13-1
-	[bullseye] - lldpd <no-dsa> (Minor issue)
+	[bullseye] - lldpd 1.0.11-1+deb11u1
 	[buster] - lldpd <no-dsa> (Minor issue)
 	[stretch] - lldpd <no-dsa> (Minor issue)
 	NOTE: https://github.com/lldpd/lldpd/commit/73d42680fce8598324364dbb31b9bc3b8320adf7 (1.0.13)
@@ -3829,6 +3831,7 @@ CVE-2021-43580
 	RESERVED
 CVE-2021-43579 (A stack-based buffer overflow in image_load_bmp() in HTMLDOC before 1. ...)
 	- htmldoc 1.9.13-1 (unimportant)
+	[bullseye] - htmldoc 1.9.11-4+deb11u1
 	NOTE: https://github.com/michaelrsweet/htmldoc/commit/27d08989a5a567155d506ac870ae7d8cc88fa58b (v1.9.13)
 	NOTE: https://github.com/michaelrsweet/htmldoc/issues/453
 	NOTE: Crash in CLI tool, no security impact
@@ -4900,7 +4903,7 @@ CVE-2021-43175 (The GOautodial API prior to commit 3c3a979 made on October 13th,
 	NOT-FOR-US: GOautodial API
 CVE-2021-3918 (json-schema is vulnerable to Improperly Controlled Modification of Obj ...)
 	- node-json-schema 0.4.0+~7.0.9-1 (bug #999765)
-	[bullseye] - node-json-schema <no-dsa> (Minor issue)
+	[bullseye] - node-json-schema 0.3.0+~7.0.6-1+deb11u1
 	[buster] - node-json-schema <no-dsa> (Minor issue)
 	NOTE: https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741 (v0.4.0)
 CVE-2021-43174 (NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, suppo ...)
@@ -5489,7 +5492,7 @@ CVE-2021-42918
 	RESERVED
 CVE-2021-42917 (Buffer overflow vulnerability in Kodi xbmc up to 19.0, allows attacker ...)
 	- kodi 2:19.3+dfsg1-1 (bug #998419)
-	[bullseye] - kodi <no-dsa> (Minor issue)
+	[bullseye] - kodi 2:19.1+dfsg2-2+deb11u1
 	[buster] - kodi <no-dsa> (Minor issue)
 	[stretch] - kodi <postponed> (no point in fixing this when the more severe CVE-2017-5982 is ignored)
 	- xbmc <removed>
@@ -8194,7 +8197,7 @@ CVE-2021-41771 (ImportedSymbols in debug/macho (for Open or OpenFat) in Go befor
 	- golang-1.17 1.17.3-1
 	- golang-1.16 1.16.10-1
 	- golang-1.15 1.15.15-5
-	[bullseye] - golang-1.15 <no-dsa> (Minor issue; will be fixed via point release)
+	[bullseye] - golang-1.15 1.15.15-1~deb11u2
 	- golang-1.11 <removed>
 	[buster] - golang-1.11 <no-dsa> (Minor issue)
 	- golang-1.8 <removed>
@@ -9538,17 +9541,20 @@ CVE-2021-41185 (Mycodo is an environmental monitoring and regulation system. An
 	NOT-FOR-US: Mycodo
 CVE-2021-41184 (jQuery-UI is the official jQuery user interface library. Prior to vers ...)
 	- jqueryui 1.13.0+dfsg-1
+	[bullseye] - jqueryui 1.12.1+dfsg-8+deb11u1
 	[stretch] - jqueryui <no-dsa> (Minor issue)
 	NOTE: https://github.com/jquery/jquery-ui/security/advisories/GHSA-gpqq-952q-5327
 	NOTE: https://github.com/jquery/jquery-ui/commit/effa323f1505f2ce7a324e4f429fa9032c72f280
 CVE-2021-41183 (jQuery-UI is the official jQuery user interface library. Prior to vers ...)
 	- jqueryui 1.13.0+dfsg-1
+	[bullseye] - jqueryui 1.12.1+dfsg-8+deb11u1
 	[stretch] - jqueryui <no-dsa> (Minor issue)
 	NOTE: https://github.com/jquery/jquery-ui/security/advisories/GHSA-j7qv-pgf6-hvh4
 	NOTE: https://bugs.jqueryui.com/ticket/15284
 	NOTE: https://github.com/jquery/jquery-ui/pull/1953
 CVE-2021-41182 (jQuery-UI is the official jQuery user interface library. Prior to vers ...)
 	- jqueryui 1.13.0+dfsg-1
+	[bullseye] - jqueryui 1.12.1+dfsg-8+deb11u1
 	[stretch] - jqueryui <no-dsa> (Minor issue)
 	NOTE: https://github.com/jquery/jquery-ui/security/advisories/GHSA-9gj3-hwp5-pmwc
 	NOTE: https://github.com/jquery/jquery-ui/commit/32850869d308d5e7c9bf3e3b4d483ea886d373ce
@@ -9774,13 +9780,13 @@ CVE-2021-41093 (Wire is an open source secure messenger. In affected versions if
 	NOT-FOR-US: Wire iOS
 CVE-2021-41092 (Docker CLI is the command line interface for the docker container runt ...)
 	- docker.io 20.10.10+dfsg1-1 (bug #998292)
-	[bullseye] - docker.io <no-dsa> (Minor issue)
+	[bullseye] - docker.io 20.10.5+dfsg1-1+deb11u1
 	[buster] - docker.io <no-dsa> (Minor issue)
 	NOTE: https://github.com/docker/cli/security/advisories/GHSA-99pg-grm5-qq3v
 	NOTE: https://github.com/docker/cli/commit/893e52cf4ba4b048d72e99748e0f86b2767c6c6b
 CVE-2021-41091 (Moby is an open-source project created by Docker to enable software co ...)
 	- docker.io 20.10.10+dfsg1-1
-	[bullseye] - docker.io <no-dsa> (Minor issue)
+	[bullseye] - docker.io 20.10.5+dfsg1-1+deb11u1
 	[buster] - docker.io <no-dsa> (Minor issue)
 	NOTE: https://github.com/moby/moby/security/advisories/GHSA-3fwx-pjgw-3558
 	NOTE: https://github.com/moby/moby/commit/f0ab919f518c47240ea0e72d0999576bb8008e64
@@ -9788,7 +9794,7 @@ CVE-2021-41090 (Grafana Agent is a telemetry collector for sending metrics, logs
 	NOT-FOR-US: Grafana Agent
 CVE-2021-41089 (Moby is an open-source project created by Docker to enable software co ...)
 	- docker.io 20.10.10+dfsg1-1
-	[bullseye] - docker.io <no-dsa> (Minor issue)
+	[bullseye] - docker.io 20.10.5+dfsg1-1+deb11u1
 	[buster] - docker.io <no-dsa> (Minor issue)
 	NOTE: https://github.com/moby/moby/security/advisories/GHSA-v994-f8vw-g7j4
 CVE-2021-41088 (Elvish is a programming language and interactive shell, combined into  ...)
@@ -9824,7 +9830,7 @@ CVE-2021-3803 (nth-check is vulnerable to Inefficient Regular Expression Complex
 CVE-2021-3802 (A vulnerability found in udisks2. This flaw allows an attacker to inpu ...)
 	{DLA-2809-1}
 	- udisks2 2.9.4-1
-	[bullseye] - udisks2 <no-dsa> (Minor issue)
+	[bullseye] - udisks2 2.9.2-2+deb11u1
 	[buster] - udisks2 <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2003649
 	NOTE: https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-045.txt
@@ -10042,6 +10048,7 @@ CVE-2021-3800
 	RESERVED
 CVE-2021-40985 (Buffer overflow vulnerability in htmldoc before 1.9.12, allows attacke ...)
 	- htmldoc 1.9.13-1 (unimportant)
+	[bullseye] - htmldoc 1.9.11-4+deb11u1
 	NOTE: https://github.com/michaelrsweet/htmldoc/issues/444
 	NOTE: https://github.com/michaelrsweet/htmldoc/commit/f12b9666e582a8e7b70f11b28e5ffc49ad625d43 (v1.9.13)
 	NOTE: Crash in CLI tool, no security impact
@@ -10319,7 +10326,7 @@ CVE-2021-3797 (hestiacp is vulnerable to Use of Wrong Operator in String Compari
 	NOT-FOR-US: Hestia Control Panel
 CVE-2021-3796 (vim is vulnerable to Use After Free ...)
 	- vim 2:8.2.3455-1 (bug #994497)
-	[bullseye] - vim <no-dsa> (Minor issue)
+	[bullseye] - vim 2:8.2.2434-3+deb11u1
 	[buster] - vim <no-dsa> (Minor issue)
 	[stretch] - vim <no-dsa> (Minor issue)
 	NOTE: https://huntr.dev/bounties/ab60b7f3-6fb1-4ac2-a4fa-4d592e08008d/
@@ -10774,7 +10781,7 @@ CVE-2021-3779
 	RESERVED
 CVE-2021-3778 (vim is vulnerable to Heap-based Buffer Overflow ...)
 	- vim 2:8.2.3455-1 (bug #994498)
-	[bullseye] - vim <no-dsa> (Minor issue)
+	[bullseye] - vim 2:8.2.2434-3+deb11u1
 	[buster] - vim <no-dsa> (Minor issue)
 	[stretch] - vim <no-dsa> (Minor issue)
 	NOTE: https://huntr.dev/bounties/d9c17308-2c99-4f9f-a706-f7f72c24c273
@@ -11175,7 +11182,7 @@ CVE-2021-40515
 	RESERVED
 CVE-2021-3770 (vim is vulnerable to Heap-based Buffer Overflow ...)
 	- vim 2:8.2.3455-1 (bug #994076)
-	[bullseye] - vim <no-dsa> (Minor issue)
+	[bullseye] - vim 2:8.2.2434-3+deb11u1
 	[buster] - vim <no-dsa> (Minor issue)
 	[stretch] - vim <no-dsa> (Minor issue)
 	NOTE: https://huntr.dev/bounties/016ad2f2-07c1-4d14-a8ce-6eed10729365/
@@ -11471,7 +11478,7 @@ CVE-2021-40392
 CVE-2021-40391 (An out-of-bounds write vulnerability exists in the drill format T-code ...)
 	{DLA-2839-1}
 	- gerbv 2.7.1-1
-	[bullseye] - gerbv <no-dsa> (Minor issue)
+	[bullseye] - gerbv 2.7.0-2+deb11u1
 	[buster] - gerbv <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1402
 	NOTE: https://github.com/gerbv/gerbv/commit/9f83950b772b37b49ee188300e444546e6aab17e
@@ -14061,6 +14068,7 @@ CVE-2021-39293
 	- golang-1.17 1.17.1-1
 	- golang-1.16 1.16.8-1
 	- golang-1.15 1.15.15-2
+	[bullseye] - golang-1.15 1.15.15-1~deb11u1
 	- golang-1.11 <removed>
 	[buster] - golang-1.11 <no-dsa> (Minor issue)
 	- golang-1.8 <removed>
@@ -15464,7 +15472,7 @@ CVE-2021-38715
 CVE-2021-38714 (In Plib through 1.85, there is an integer overflow vulnerability that  ...)
 	{DLA-2775-1}
 	- plib 1.8.5-10 (bug #992973)
-	[bullseye] - plib <no-dsa> (Minor issue)
+	[bullseye] - plib 1.8.5-8+deb11u1
 	[buster] - plib <no-dsa> (Minor issue)
 	NOTE: https://sourceforge.net/p/plib/bugs/55/
 CVE-2021-38713 (imgURL 2.31 allows XSS via an X-Forwarded-For HTTP header. ...)
@@ -16521,7 +16529,7 @@ CVE-2021-38297 (Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow
 	- golang-1.17 1.17.2-1
 	- golang-1.16 1.16.9-1
 	- golang-1.15 1.15.15-5
-	[bullseye] - golang-1.15 <no-dsa> (Minor issue; will be fixed via point release)
+	[bullseye] - golang-1.15 1.15.15-1~deb11u2
 	- golang-1.11 <removed>
 	[buster] - golang-1.11 <no-dsa> (Minor issue)
 	- golang-1.8 <not-affected> (Vulnerable code not present)
@@ -16888,7 +16896,7 @@ CVE-2021-38156 (In Nagios XI before 5.8.6, XSS exists in the dashboard page (/da
 	NOT-FOR-US: Nagios XI
 CVE-2021-38155 (OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1 ...)
 	- keystone 2:19.0.0-3 (bug #992070)
-	[bullseye] - keystone <no-dsa> (Minor issue)
+	[bullseye] - keystone 2:18.0.0-3+deb11u1
 	[buster] - keystone <no-dsa> (Minor issue)
 	[stretch] - keystone <end-of-life> (Keystone not supported in stretch)
 	NOTE: https://launchpad.net/bugs/1688137
@@ -19252,7 +19260,7 @@ CVE-2021-37151 (CyberArk Identity 21.5.131, when handling an invalid authenticat
 CVE-2021-3657 [multiple buffer overflows in isync/mbsync]
 	RESERVED
 	- isync 1.4.4-1
-	[bullseye] - isync <no-dsa> (Minor issue)
+	[bullseye] - isync 1.3.0-2.2+deb11u1
 	[buster] - isync <no-dsa> (Minor issue)
 	[stretch] - isync <no-dsa> (Minor issue)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/12/03/1
@@ -19285,7 +19293,7 @@ CVE-2021-37147 (Improper input validation vulnerability in header parsing of Apa
 CVE-2021-37146 (An infinite loop in Open Robotics ros_comm XMLRPC server in ROS Melodi ...)
 	[experimental] - ros-ros-comm 1.15.13+ds1-1
 	- ros-ros-comm 1.15.13+ds1-2
-	[bullseye] - ros-ros-comm <no-dsa> (Minor issue)
+	[bullseye] - ros-ros-comm 1.15.9+ds1-7+deb11u1
 	[buster] - ros-ros-comm <no-dsa> (Minor issue)
 	[stretch] - ros-ros-comm <no-dsa> (Minor issue)
 	NOTE: https://discourse.ros.org/t/new-packages-for-melodic-2021-09-27/22446
@@ -21332,7 +21340,7 @@ CVE-2021-36222 (ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center
 CVE-2021-36221 (Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that c ...)
 	- golang-1.16 1.16.7-1
 	- golang-1.15 1.15.15-1 (bug #991961)
-	[bullseye] - golang-1.15 <no-dsa> (Minor issue)
+	[bullseye] - golang-1.15 1.15.15-1~deb11u1
 	- golang-1.11 <removed>
 	[buster] - golang-1.11 <no-dsa> (Minor issue)
 	- golang-1.8 <removed>
@@ -52122,7 +52130,7 @@ CVE-2021-23446 (The package handsontable before 10.0.0; the package handsontable
 	NOT-FOR-US: Node handsontable
 CVE-2021-23445 (This affects the package datatables.net before 1.11.3. If an array is  ...)
 	- datatables.js 1.10.21+dfsg-3 (bug #995229)
-	[bullseye] - datatables.js <no-dsa> (Minor issue)
+	[bullseye] - datatables.js 1.10.21+dfsg-2+deb11u1
 	[buster] - datatables.js <no-dsa> (Minor issue)
 	[stretch] - datatables.js <no-dsa> (Minor issue)
 	NOTE: https://github.com/DataTables/Dist-DataTables/commit/59a8d3f8a3c1138ab08704e783bc52bfe88d7c9b (v1.11.3)
diff --git a/data/next-point-update.txt b/data/next-point-update.txt
index 955fe23410..ee92443e9c 100644
--- a/data/next-point-update.txt
+++ b/data/next-point-update.txt
@@ -1,75 +1,3 @@
-CVE-2019-11098
-	[bullseye] - edk2 2020.11-2+deb11u1
-CVE-2021-38155
-	[bullseye] - keystone 2:18.0.0-3+deb11u1
-CVE-2021-36221
-	[bullseye] - golang-1.15 1.15.15-1~deb11u1
-CVE-2021-39293
-	[bullseye] - golang-1.15 1.15.15-1~deb11u1
-CVE-2021-3770
-	[bullseye] - vim 2:8.2.2434-3+deb11u1
-CVE-2021-3778
-	[bullseye] - vim 2:8.2.2434-3+deb11u1
-CVE-2021-3796
-	[bullseye] - vim 2:8.2.2434-3+deb11u1
-CVE-2020-28282
-	[bullseye] - node-getobject 0.1.0-2+deb11u1
-CVE-2021-38714
-	[bullseye] - plib 1.8.5-8+deb11u1
-CVE-2021-3802
-	[bullseye] - udisks2 2.9.2-2+deb11u1
-CVE-2021-41182
-	[bullseye] - jqueryui 1.12.1+dfsg-8+deb11u1
-CVE-2021-41183
-	[bullseye] - jqueryui 1.12.1+dfsg-8+deb11u1
-CVE-2021-41184
-	[bullseye] - jqueryui 1.12.1+dfsg-8+deb11u1
-CVE-2021-42917
-	[bullseye] - kodi 2:19.1+dfsg2-2+deb11u1
-CVE-2021-43612
-	[bullseye] - lldpd 1.0.11-1+deb11u1
-CVE-2021-40985
-	[bullseye] - htmldoc 1.9.11-4+deb11u1
-CVE-2021-43579
-	[bullseye] - htmldoc 1.9.11-4+deb11u1
-CVE-2021-3918
-	[bullseye] - node-json-schema 0.3.0+~7.0.6-1+deb11u1
-CVE-2021-43618
-	[bullseye] - gmp 2:6.2.1+dfsg-1+deb11u1
-CVE-2021-37146
-	[bullseye] - ros-ros-comm 1.15.9+ds1-7+deb11u1
-CVE-2021-44225
-	[bullseye] - keepalived 1:2.1.5-0.2+deb11u1
-CVE-2021-38297
-	[bullseye] - golang-1.15 1.15.15-1~deb11u2
-CVE-2021-41771
-	[bullseye] - golang-1.15 1.15.15-1~deb11u2
-CVE-2021-44716
-	[bullseye] - golang-1.15 1.15.15-1~deb11u2
-CVE-2021-44717
-	[bullseye] - golang-1.15 1.15.15-1~deb11u2
-CVE-2021-41089
-	[bullseye] - docker.io 20.10.5+dfsg1-1+deb11u1
-CVE-2021-41091
-	[bullseye] - docker.io 20.10.5+dfsg1-1+deb11u1
-CVE-2021-41092
-	[bullseye] - docker.io 20.10.5+dfsg1-1+deb11u1
-CVE-2021-3657
-	[bullseye] - isync 1.3.0-2.2+deb11u1
-CVE-2021-44420
-	[bullseye] - python-django 2:2.2.25-1~deb11u1
-CVE-2021-23445
-	[bullseye] - datatables.js 1.10.21+dfsg-2+deb11u1
-CVE-2021-40391
-	[bullseye] - gerbv 2.7.0-2+deb11u1
-CVE-2021-44543
-	[bullseye] - privoxy 3.0.32-2+deb11u1
-CVE-2021-44542
-	[bullseye] - privoxy 3.0.32-2+deb11u1
-CVE-2021-44541
-	[bullseye] - privoxy 3.0.32-2+deb11u1
-CVE-2021-44540
-	[bullseye] - privoxy 3.0.32-2+deb11u1
 CVE-2021-42343
 	[bullseye] - dask.distributed 2021.01.0+ds.1-2.1+deb11u1
 CVE-2021-3654
author	Salvatore Bonaccorso <carnil@debian.org>	2021-12-18 10:51:34 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-12-18 10:51:34 +0100
commit	7cc11078297cfcb801360bdb83df8569c30ac041 (patch)
tree	0eb7bbee3e7699de98728a8e4cdf9e905fbb817c
parent	b2cd61199195bc02021432ce71f4b8e07cf78044 (diff)