diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-12-18 10:51:34 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-12-18 10:51:34 +0100 |
commit | 7cc11078297cfcb801360bdb83df8569c30ac041 (patch) | |
tree | 0eb7bbee3e7699de98728a8e4cdf9e905fbb817c | |
parent | b2cd61199195bc02021432ce71f4b8e07cf78044 (diff) |
Merge in changes accepted for bullseye 11.2
-rw-r--r-- | data/CVE/list.2019 | 2 | ||||
-rw-r--r-- | data/CVE/list.2020 | 2 | ||||
-rw-r--r-- | data/CVE/list.2021 | 60 | ||||
-rw-r--r-- | data/next-point-update.txt | 72 |
4 files changed, 36 insertions, 100 deletions
diff --git a/data/CVE/list.2019 b/data/CVE/list.2019 index d28a0fff7b..9fc5481104 100644 --- a/data/CVE/list.2019 +++ b/data/CVE/list.2019 @@ -26152,7 +26152,7 @@ CVE-2019-11099 CVE-2019-11098 (Insufficient input validation in MdeModulePkg in EDKII may allow an un ...) [experimental] - edk2 2021.02-1 - edk2 2020.11-5 (bug #991495) - [bullseye] - edk2 <no-dsa> (Minor issue) + [bullseye] - edk2 2020.11-2+deb11u1 [buster] - edk2 <no-dsa> (Minor issue) [stretch] - edk2 <no-dsa> (Minor issue) NOTE: https://edk2-docs.gitbook.io/security-advisory/bootguard-toctou-vulnerability diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index 8cd46829f4..1545f614ac 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 @@ -6797,7 +6797,7 @@ CVE-2020-28283 (Prototype pollution vulnerability in 'libnested' versions 0.0.0 NOT-FOR-US: libnested CVE-2020-28282 (Prototype pollution vulnerability in 'getobject' version 0.1.0 allows ...) - node-getobject 1.0.2-1 - [bullseye] - node-getobject <no-dsa> (Minor issue) + [bullseye] - node-getobject 0.1.0-2+deb11u1 [buster] - node-getobject <no-dsa> (Minor issue) [stretch] - node-getobject <no-dsa> (Minor issue) NOTE: https://github.com/cowboy/node-getobject/commit/84071748fa407caa8f824e0d0b9c1cde9ec56633 (v1.0.0) diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index 4560955288..befa62e4aa 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -1008,6 +1008,7 @@ CVE-2021-44717 RESERVED - golang-1.17 1.17.5-1 - golang-1.15 1.15.15-5 + [bullseye] - golang-1.15 1.15.15-1~deb11u2 - golang-1.11 <removed> - golang-1.8 <removed> - golang-1.7 <removed> @@ -1019,6 +1020,7 @@ CVE-2021-44716 RESERVED - golang-1.17 1.17.5-1 - golang-1.15 1.15.15-5 + [bullseye] - golang-1.15 1.15.15-1~deb11u2 - golang-1.11 <removed> - golang-1.8 <removed> - golang-1.7 <removed> @@ -1471,14 +1473,14 @@ CVE-2021-44543 RESERVED {DLA-2844-1} - privoxy 3.0.33-1 - [bullseye] - privoxy <no-dsa> (Minor issue) + [bullseye] - privoxy 3.0.32-2+deb11u1 [buster] - privoxy <no-dsa> (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2021/12/09/1 NOTE: https://www.privoxy.org/gitweb/?p=privoxy.git;a=commit;h=0e668e9409cbf4ab8bf2d79be204bd4e81a00d85 (v_3_0_33) CVE-2021-44542 RESERVED - privoxy 3.0.33-1 - [bullseye] - privoxy <no-dsa> (Minor issue) + [bullseye] - privoxy 3.0.32-2+deb11u1 [buster] - privoxy <not-affected> (Vulnerable code introduced in 3.0.29) [stretch] - privoxy <not-affected> (Vulnerable code introduced in 3.0.29) NOTE: https://www.openwall.com/lists/oss-security/2021/12/09/1 @@ -1486,7 +1488,7 @@ CVE-2021-44542 CVE-2021-44541 RESERVED - privoxy 3.0.33-1 - [bullseye] - privoxy <no-dsa> (Minor issue) + [bullseye] - privoxy 3.0.32-2+deb11u1 [buster] - privoxy <not-affected> (Vulnerable code introduced in 3.0.29) [stretch] - privoxy <not-affected> (Vulnerable code introduced in 3.0.29) NOTE: https://www.openwall.com/lists/oss-security/2021/12/09/1 @@ -1495,7 +1497,7 @@ CVE-2021-44540 RESERVED {DLA-2844-1} - privoxy 3.0.33-1 - [bullseye] - privoxy <no-dsa> (Minor issue) + [bullseye] - privoxy 3.0.32-2+deb11u1 [buster] - privoxy <no-dsa> (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2021/12/09/1 NOTE: https://www.privoxy.org/gitweb/?p=privoxy.git;a=commit;h=652b4b7cb07592c0912cf938a50fcd009fa29a0a (v_3_0_33) @@ -1817,7 +1819,7 @@ CVE-2021-44421 RESERVED CVE-2021-44420 (In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, ...) - python-django 2:3.2.10-1 - [bullseye] - python-django <no-dsa> (Minor issue) + [bullseye] - python-django 2:2.2.25-1~deb11u1 [buster] - python-django <no-dsa> (Minor issue) [stretch] - python-django <not-affected> (Vulnerable code not present; path converters added later) NOTE: https://www.openwall.com/lists/oss-security/2021/12/07/1 @@ -2264,7 +2266,7 @@ CVE-2021-4022 RESERVED CVE-2021-44225 (In Keepalived through 2.2.4, the D-Bus policy does not sufficiently re ...) - keepalived 1:2.2.4-0.2 - [bullseye] - keepalived <no-dsa> (Minor issue) + [bullseye] - keepalived 1:2.1.5-0.2+deb11u1 [buster] - keepalived <no-dsa> (Minor issue) [stretch] - keepalived <no-dsa> (Minor issue) NOTE: https://github.com/acassen/keepalived/pull/2063 @@ -3721,7 +3723,7 @@ CVE-2021-43619 CVE-2021-43618 (GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an m ...) {DLA-2837-1} - gmp 2:6.2.1+dfsg-3 (bug #994405) - [bullseye] - gmp <no-dsa> (Minor issue) + [bullseye] - gmp 2:6.2.1+dfsg-1+deb11u1 [buster] - gmp <no-dsa> (Minor issue) NOTE: https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html NOTE: https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e @@ -3744,7 +3746,7 @@ CVE-2021-43613 CVE-2021-43612 [crash in SONMP decoder] RESERVED - lldpd 1.0.13-1 - [bullseye] - lldpd <no-dsa> (Minor issue) + [bullseye] - lldpd 1.0.11-1+deb11u1 [buster] - lldpd <no-dsa> (Minor issue) [stretch] - lldpd <no-dsa> (Minor issue) NOTE: https://github.com/lldpd/lldpd/commit/73d42680fce8598324364dbb31b9bc3b8320adf7 (1.0.13) @@ -3829,6 +3831,7 @@ CVE-2021-43580 RESERVED CVE-2021-43579 (A stack-based buffer overflow in image_load_bmp() in HTMLDOC before 1. ...) - htmldoc 1.9.13-1 (unimportant) + [bullseye] - htmldoc 1.9.11-4+deb11u1 NOTE: https://github.com/michaelrsweet/htmldoc/commit/27d08989a5a567155d506ac870ae7d8cc88fa58b (v1.9.13) NOTE: https://github.com/michaelrsweet/htmldoc/issues/453 NOTE: Crash in CLI tool, no security impact @@ -4900,7 +4903,7 @@ CVE-2021-43175 (The GOautodial API prior to commit 3c3a979 made on October 13th, NOT-FOR-US: GOautodial API CVE-2021-3918 (json-schema is vulnerable to Improperly Controlled Modification of Obj ...) - node-json-schema 0.4.0+~7.0.9-1 (bug #999765) - [bullseye] - node-json-schema <no-dsa> (Minor issue) + [bullseye] - node-json-schema 0.3.0+~7.0.6-1+deb11u1 [buster] - node-json-schema <no-dsa> (Minor issue) NOTE: https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741 (v0.4.0) CVE-2021-43174 (NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, suppo ...) @@ -5489,7 +5492,7 @@ CVE-2021-42918 RESERVED CVE-2021-42917 (Buffer overflow vulnerability in Kodi xbmc up to 19.0, allows attacker ...) - kodi 2:19.3+dfsg1-1 (bug #998419) - [bullseye] - kodi <no-dsa> (Minor issue) + [bullseye] - kodi 2:19.1+dfsg2-2+deb11u1 [buster] - kodi <no-dsa> (Minor issue) [stretch] - kodi <postponed> (no point in fixing this when the more severe CVE-2017-5982 is ignored) - xbmc <removed> @@ -8194,7 +8197,7 @@ CVE-2021-41771 (ImportedSymbols in debug/macho (for Open or OpenFat) in Go befor - golang-1.17 1.17.3-1 - golang-1.16 1.16.10-1 - golang-1.15 1.15.15-5 - [bullseye] - golang-1.15 <no-dsa> (Minor issue; will be fixed via point release) + [bullseye] - golang-1.15 1.15.15-1~deb11u2 - golang-1.11 <removed> [buster] - golang-1.11 <no-dsa> (Minor issue) - golang-1.8 <removed> @@ -9538,17 +9541,20 @@ CVE-2021-41185 (Mycodo is an environmental monitoring and regulation system. An NOT-FOR-US: Mycodo CVE-2021-41184 (jQuery-UI is the official jQuery user interface library. Prior to vers ...) - jqueryui 1.13.0+dfsg-1 + [bullseye] - jqueryui 1.12.1+dfsg-8+deb11u1 [stretch] - jqueryui <no-dsa> (Minor issue) NOTE: https://github.com/jquery/jquery-ui/security/advisories/GHSA-gpqq-952q-5327 NOTE: https://github.com/jquery/jquery-ui/commit/effa323f1505f2ce7a324e4f429fa9032c72f280 CVE-2021-41183 (jQuery-UI is the official jQuery user interface library. Prior to vers ...) - jqueryui 1.13.0+dfsg-1 + [bullseye] - jqueryui 1.12.1+dfsg-8+deb11u1 [stretch] - jqueryui <no-dsa> (Minor issue) NOTE: https://github.com/jquery/jquery-ui/security/advisories/GHSA-j7qv-pgf6-hvh4 NOTE: https://bugs.jqueryui.com/ticket/15284 NOTE: https://github.com/jquery/jquery-ui/pull/1953 CVE-2021-41182 (jQuery-UI is the official jQuery user interface library. Prior to vers ...) - jqueryui 1.13.0+dfsg-1 + [bullseye] - jqueryui 1.12.1+dfsg-8+deb11u1 [stretch] - jqueryui <no-dsa> (Minor issue) NOTE: https://github.com/jquery/jquery-ui/security/advisories/GHSA-9gj3-hwp5-pmwc NOTE: https://github.com/jquery/jquery-ui/commit/32850869d308d5e7c9bf3e3b4d483ea886d373ce @@ -9774,13 +9780,13 @@ CVE-2021-41093 (Wire is an open source secure messenger. In affected versions if NOT-FOR-US: Wire iOS CVE-2021-41092 (Docker CLI is the command line interface for the docker container runt ...) - docker.io 20.10.10+dfsg1-1 (bug #998292) - [bullseye] - docker.io <no-dsa> (Minor issue) + [bullseye] - docker.io 20.10.5+dfsg1-1+deb11u1 [buster] - docker.io <no-dsa> (Minor issue) NOTE: https://github.com/docker/cli/security/advisories/GHSA-99pg-grm5-qq3v NOTE: https://github.com/docker/cli/commit/893e52cf4ba4b048d72e99748e0f86b2767c6c6b CVE-2021-41091 (Moby is an open-source project created by Docker to enable software co ...) - docker.io 20.10.10+dfsg1-1 - [bullseye] - docker.io <no-dsa> (Minor issue) + [bullseye] - docker.io 20.10.5+dfsg1-1+deb11u1 [buster] - docker.io <no-dsa> (Minor issue) NOTE: https://github.com/moby/moby/security/advisories/GHSA-3fwx-pjgw-3558 NOTE: https://github.com/moby/moby/commit/f0ab919f518c47240ea0e72d0999576bb8008e64 @@ -9788,7 +9794,7 @@ CVE-2021-41090 (Grafana Agent is a telemetry collector for sending metrics, logs NOT-FOR-US: Grafana Agent CVE-2021-41089 (Moby is an open-source project created by Docker to enable software co ...) - docker.io 20.10.10+dfsg1-1 - [bullseye] - docker.io <no-dsa> (Minor issue) + [bullseye] - docker.io 20.10.5+dfsg1-1+deb11u1 [buster] - docker.io <no-dsa> (Minor issue) NOTE: https://github.com/moby/moby/security/advisories/GHSA-v994-f8vw-g7j4 CVE-2021-41088 (Elvish is a programming language and interactive shell, combined into ...) @@ -9824,7 +9830,7 @@ CVE-2021-3803 (nth-check is vulnerable to Inefficient Regular Expression Complex CVE-2021-3802 (A vulnerability found in udisks2. This flaw allows an attacker to inpu ...) {DLA-2809-1} - udisks2 2.9.4-1 - [bullseye] - udisks2 <no-dsa> (Minor issue) + [bullseye] - udisks2 2.9.2-2+deb11u1 [buster] - udisks2 <no-dsa> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2003649 NOTE: https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-045.txt @@ -10042,6 +10048,7 @@ CVE-2021-3800 RESERVED CVE-2021-40985 (Buffer overflow vulnerability in htmldoc before 1.9.12, allows attacke ...) - htmldoc 1.9.13-1 (unimportant) + [bullseye] - htmldoc 1.9.11-4+deb11u1 NOTE: https://github.com/michaelrsweet/htmldoc/issues/444 NOTE: https://github.com/michaelrsweet/htmldoc/commit/f12b9666e582a8e7b70f11b28e5ffc49ad625d43 (v1.9.13) NOTE: Crash in CLI tool, no security impact @@ -10319,7 +10326,7 @@ CVE-2021-3797 (hestiacp is vulnerable to Use of Wrong Operator in String Compari NOT-FOR-US: Hestia Control Panel CVE-2021-3796 (vim is vulnerable to Use After Free ...) - vim 2:8.2.3455-1 (bug #994497) - [bullseye] - vim <no-dsa> (Minor issue) + [bullseye] - vim 2:8.2.2434-3+deb11u1 [buster] - vim <no-dsa> (Minor issue) [stretch] - vim <no-dsa> (Minor issue) NOTE: https://huntr.dev/bounties/ab60b7f3-6fb1-4ac2-a4fa-4d592e08008d/ @@ -10774,7 +10781,7 @@ CVE-2021-3779 RESERVED CVE-2021-3778 (vim is vulnerable to Heap-based Buffer Overflow ...) - vim 2:8.2.3455-1 (bug #994498) - [bullseye] - vim <no-dsa> (Minor issue) + [bullseye] - vim 2:8.2.2434-3+deb11u1 [buster] - vim <no-dsa> (Minor issue) [stretch] - vim <no-dsa> (Minor issue) NOTE: https://huntr.dev/bounties/d9c17308-2c99-4f9f-a706-f7f72c24c273 @@ -11175,7 +11182,7 @@ CVE-2021-40515 RESERVED CVE-2021-3770 (vim is vulnerable to Heap-based Buffer Overflow ...) - vim 2:8.2.3455-1 (bug #994076) - [bullseye] - vim <no-dsa> (Minor issue) + [bullseye] - vim 2:8.2.2434-3+deb11u1 [buster] - vim <no-dsa> (Minor issue) [stretch] - vim <no-dsa> (Minor issue) NOTE: https://huntr.dev/bounties/016ad2f2-07c1-4d14-a8ce-6eed10729365/ @@ -11471,7 +11478,7 @@ CVE-2021-40392 CVE-2021-40391 (An out-of-bounds write vulnerability exists in the drill format T-code ...) {DLA-2839-1} - gerbv 2.7.1-1 - [bullseye] - gerbv <no-dsa> (Minor issue) + [bullseye] - gerbv 2.7.0-2+deb11u1 [buster] - gerbv <no-dsa> (Minor issue) NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1402 NOTE: https://github.com/gerbv/gerbv/commit/9f83950b772b37b49ee188300e444546e6aab17e @@ -14061,6 +14068,7 @@ CVE-2021-39293 - golang-1.17 1.17.1-1 - golang-1.16 1.16.8-1 - golang-1.15 1.15.15-2 + [bullseye] - golang-1.15 1.15.15-1~deb11u1 - golang-1.11 <removed> [buster] - golang-1.11 <no-dsa> (Minor issue) - golang-1.8 <removed> @@ -15464,7 +15472,7 @@ CVE-2021-38715 CVE-2021-38714 (In Plib through 1.85, there is an integer overflow vulnerability that ...) {DLA-2775-1} - plib 1.8.5-10 (bug #992973) - [bullseye] - plib <no-dsa> (Minor issue) + [bullseye] - plib 1.8.5-8+deb11u1 [buster] - plib <no-dsa> (Minor issue) NOTE: https://sourceforge.net/p/plib/bugs/55/ CVE-2021-38713 (imgURL 2.31 allows XSS via an X-Forwarded-For HTTP header. ...) @@ -16521,7 +16529,7 @@ CVE-2021-38297 (Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow - golang-1.17 1.17.2-1 - golang-1.16 1.16.9-1 - golang-1.15 1.15.15-5 - [bullseye] - golang-1.15 <no-dsa> (Minor issue; will be fixed via point release) + [bullseye] - golang-1.15 1.15.15-1~deb11u2 - golang-1.11 <removed> [buster] - golang-1.11 <no-dsa> (Minor issue) - golang-1.8 <not-affected> (Vulnerable code not present) @@ -16888,7 +16896,7 @@ CVE-2021-38156 (In Nagios XI before 5.8.6, XSS exists in the dashboard page (/da NOT-FOR-US: Nagios XI CVE-2021-38155 (OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1 ...) - keystone 2:19.0.0-3 (bug #992070) - [bullseye] - keystone <no-dsa> (Minor issue) + [bullseye] - keystone 2:18.0.0-3+deb11u1 [buster] - keystone <no-dsa> (Minor issue) [stretch] - keystone <end-of-life> (Keystone not supported in stretch) NOTE: https://launchpad.net/bugs/1688137 @@ -19252,7 +19260,7 @@ CVE-2021-37151 (CyberArk Identity 21.5.131, when handling an invalid authenticat CVE-2021-3657 [multiple buffer overflows in isync/mbsync] RESERVED - isync 1.4.4-1 - [bullseye] - isync <no-dsa> (Minor issue) + [bullseye] - isync 1.3.0-2.2+deb11u1 [buster] - isync <no-dsa> (Minor issue) [stretch] - isync <no-dsa> (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2021/12/03/1 @@ -19285,7 +19293,7 @@ CVE-2021-37147 (Improper input validation vulnerability in header parsing of Apa CVE-2021-37146 (An infinite loop in Open Robotics ros_comm XMLRPC server in ROS Melodi ...) [experimental] - ros-ros-comm 1.15.13+ds1-1 - ros-ros-comm 1.15.13+ds1-2 - [bullseye] - ros-ros-comm <no-dsa> (Minor issue) + [bullseye] - ros-ros-comm 1.15.9+ds1-7+deb11u1 [buster] - ros-ros-comm <no-dsa> (Minor issue) [stretch] - ros-ros-comm <no-dsa> (Minor issue) NOTE: https://discourse.ros.org/t/new-packages-for-melodic-2021-09-27/22446 @@ -21332,7 +21340,7 @@ CVE-2021-36222 (ec_verify in kdc/kdc_preauth_ec.c in the Key Distribution Center CVE-2021-36221 (Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that c ...) - golang-1.16 1.16.7-1 - golang-1.15 1.15.15-1 (bug #991961) - [bullseye] - golang-1.15 <no-dsa> (Minor issue) + [bullseye] - golang-1.15 1.15.15-1~deb11u1 - golang-1.11 <removed> [buster] - golang-1.11 <no-dsa> (Minor issue) - golang-1.8 <removed> @@ -52122,7 +52130,7 @@ CVE-2021-23446 (The package handsontable before 10.0.0; the package handsontable NOT-FOR-US: Node handsontable CVE-2021-23445 (This affects the package datatables.net before 1.11.3. If an array is ...) - datatables.js 1.10.21+dfsg-3 (bug #995229) - [bullseye] - datatables.js <no-dsa> (Minor issue) + [bullseye] - datatables.js 1.10.21+dfsg-2+deb11u1 [buster] - datatables.js <no-dsa> (Minor issue) [stretch] - datatables.js <no-dsa> (Minor issue) NOTE: https://github.com/DataTables/Dist-DataTables/commit/59a8d3f8a3c1138ab08704e783bc52bfe88d7c9b (v1.11.3) diff --git a/data/next-point-update.txt b/data/next-point-update.txt index 955fe23410..ee92443e9c 100644 --- a/data/next-point-update.txt +++ b/data/next-point-update.txt @@ -1,75 +1,3 @@ -CVE-2019-11098 - [bullseye] - edk2 2020.11-2+deb11u1 -CVE-2021-38155 - [bullseye] - keystone 2:18.0.0-3+deb11u1 -CVE-2021-36221 - [bullseye] - golang-1.15 1.15.15-1~deb11u1 -CVE-2021-39293 - [bullseye] - golang-1.15 1.15.15-1~deb11u1 -CVE-2021-3770 - [bullseye] - vim 2:8.2.2434-3+deb11u1 -CVE-2021-3778 - [bullseye] - vim 2:8.2.2434-3+deb11u1 -CVE-2021-3796 - [bullseye] - vim 2:8.2.2434-3+deb11u1 -CVE-2020-28282 - [bullseye] - node-getobject 0.1.0-2+deb11u1 -CVE-2021-38714 - [bullseye] - plib 1.8.5-8+deb11u1 -CVE-2021-3802 - [bullseye] - udisks2 2.9.2-2+deb11u1 -CVE-2021-41182 - [bullseye] - jqueryui 1.12.1+dfsg-8+deb11u1 -CVE-2021-41183 - [bullseye] - jqueryui 1.12.1+dfsg-8+deb11u1 -CVE-2021-41184 - [bullseye] - jqueryui 1.12.1+dfsg-8+deb11u1 -CVE-2021-42917 - [bullseye] - kodi 2:19.1+dfsg2-2+deb11u1 -CVE-2021-43612 - [bullseye] - lldpd 1.0.11-1+deb11u1 -CVE-2021-40985 - [bullseye] - htmldoc 1.9.11-4+deb11u1 -CVE-2021-43579 - [bullseye] - htmldoc 1.9.11-4+deb11u1 -CVE-2021-3918 - [bullseye] - node-json-schema 0.3.0+~7.0.6-1+deb11u1 -CVE-2021-43618 - [bullseye] - gmp 2:6.2.1+dfsg-1+deb11u1 -CVE-2021-37146 - [bullseye] - ros-ros-comm 1.15.9+ds1-7+deb11u1 -CVE-2021-44225 - [bullseye] - keepalived 1:2.1.5-0.2+deb11u1 -CVE-2021-38297 - [bullseye] - golang-1.15 1.15.15-1~deb11u2 -CVE-2021-41771 - [bullseye] - golang-1.15 1.15.15-1~deb11u2 -CVE-2021-44716 - [bullseye] - golang-1.15 1.15.15-1~deb11u2 -CVE-2021-44717 - [bullseye] - golang-1.15 1.15.15-1~deb11u2 -CVE-2021-41089 - [bullseye] - docker.io 20.10.5+dfsg1-1+deb11u1 -CVE-2021-41091 - [bullseye] - docker.io 20.10.5+dfsg1-1+deb11u1 -CVE-2021-41092 - [bullseye] - docker.io 20.10.5+dfsg1-1+deb11u1 -CVE-2021-3657 - [bullseye] - isync 1.3.0-2.2+deb11u1 -CVE-2021-44420 - [bullseye] - python-django 2:2.2.25-1~deb11u1 -CVE-2021-23445 - [bullseye] - datatables.js 1.10.21+dfsg-2+deb11u1 -CVE-2021-40391 - [bullseye] - gerbv 2.7.0-2+deb11u1 -CVE-2021-44543 - [bullseye] - privoxy 3.0.32-2+deb11u1 -CVE-2021-44542 - [bullseye] - privoxy 3.0.32-2+deb11u1 -CVE-2021-44541 - [bullseye] - privoxy 3.0.32-2+deb11u1 -CVE-2021-44540 - [bullseye] - privoxy 3.0.32-2+deb11u1 CVE-2021-42343 [bullseye] - dask.distributed 2021.01.0+ds.1-2.1+deb11u1 CVE-2021-3654 |