| Field | Value | Date |
|---|---|---|
| author | security tracker role <sectracker@soriano.debian.org> | 2021-10-30 08:10:12 +0000 |
| committer | security tracker role <sectracker@soriano.debian.org> | 2021-10-30 08:10:12 +0000 |
| commit | a7a1c8bfa49d8d5bb37fa25e319c99ba26d95d81 | |
| tree | c1b26acab6da700b4ebf6526383d4b8ecd23d364 | |
| parent | 99715a23da5cbf517451dd15579b0cd8babb4135 | |

automatic update

| Mode | File | Lines changed |
|---|---|---|
| -rw-r--r-- | data/CVE/2016.list | 2 |
| -rw-r--r-- | data/CVE/2017.list | 26 |
| -rw-r--r-- | data/CVE/2018.list | 4 |
| -rw-r--r-- | data/CVE/2019.list | 2 |
| -rw-r--r-- | data/CVE/2020.list | 13 |
| -rw-r--r-- | data/CVE/2021.list | 24 |

6 files changed, 37 insertions, 34 deletions

diff --git a/data/CVE/2016.list b/data/CVE/2016.list index 753fd8dc94..b64b177db4 100644 --- a/data/CVE/2016.list +++ b/data/CVE/2016.list @@ -29104,7 +29104,7 @@ CVE-2016-1517 (OpenCV 3.0.0 allows remote attackers to cause a denial of service NOTE: https://arxiv.org/pdf/1701.04739.pdf NOTE: https://github.com/opencv/opencv/issues/5956 CVE-2016-1516 (OpenCV 3.0.0 has a double free issue that allows attackers to execute ...) - {DLA-1438-1 DLA-1117-1} + {DLA-2799-1 DLA-1438-1 DLA-1117-1} [experimental] - opencv 3.4.4+dfsg-1~exp1 - opencv 3.2.0+dfsg-6 (bug #872043) NOTE: https://arxiv.org/pdf/1701.04739.pdf diff --git a/data/CVE/2017.list b/data/CVE/2017.list index 0d6af96bbd..c636276170 100644 --- a/data/CVE/2017.list +++ b/data/CVE/2017.list @@ -2538,7 +2538,7 @@ CVE-2017-1000452 (An XML Signature Wrapping vulnerability exists in Samlify 2.2. CVE-2017-1000451 (fs-git is a file system like api for git repository. The fs-git versio ...) NOT-FOR-US: fs-git CVE-2017-1000450 (In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and ...) - {DLA-1438-1 DLA-1235-1} + {DLA-2799-1 DLA-1438-1 DLA-1235-1} [experimental] - opencv 3.4.4+dfsg-1~exp1 - opencv 3.2.0+dfsg-6 (bug #886282) NOTE: https://github.com/opencv/opencv/issues/9723 @@ -3432,7 +3432,7 @@ CVE-2017-17787 (In GIMP 2.8.22, there is a heap-based buffer over-read in read_c NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=790853 NOTE: Crash in desktop tool, no/negligible security impact CVE-2017-17760 (OpenCV 3.3.1 has a Buffer Overflow in the cv::PxMDecoder::readData fun ...) - {DLA-1438-1 DLA-1235-1} + {DLA-2799-1 DLA-1438-1 DLA-1235-1} [experimental] - opencv 3.4.4+dfsg-1~exp1 - opencv 3.2.0+dfsg-6 (bug #885843) NOTE: https://github.com/opencv/opencv/issues/10351 
@@ -17280,17 +17280,17 @@ CVE-2017-12865 (Stack-based buffer overflow in "dnsproxy.c" in connman 1.34 and - connman 1.35-1 (bug #872844) NOTE: https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=5c281d182ecdd0a424b64f7698f32467f8f67b71 (1.35) CVE-2017-12864 (In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did ...) - {DLA-1438-1 DLA-1117-1} + {DLA-2799-1 DLA-1438-1 DLA-1117-1} [experimental] - opencv 3.4.4+dfsg-1~exp1 - opencv 3.2.0+dfsg-6 (bug #875345) NOTE: https://github.com/opencv/opencv/issues/9372 CVE-2017-12863 (In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::re ...) - {DLA-1438-1 DLA-1117-1} + {DLA-2799-1 DLA-1438-1 DLA-1117-1} [experimental] - opencv 3.4.4+dfsg-1~exp1 - opencv 3.2.0+dfsg-6 (bug #875344) NOTE: https://github.com/opencv/opencv/issues/9371 CVE-2017-12862 (In modules/imgcodecs/src/grfmt_pxm.cpp, the length of buffer AutoBuffe ...) - {DLA-1438-1 DLA-1117-1} + {DLA-2799-1 DLA-1438-1 DLA-1117-1} [experimental] - opencv 3.4.4+dfsg-1~exp1 - opencv 3.2.0+dfsg-6 (bug #875342) NOTE: https://github.com/opencv/opencv/issues/9370 
@@ -18108,22 +18108,22 @@ CVE-2017-12607 (A vulnerability in OpenOffice's PPT file parser before 4.1.4, an NOTE: https://www.libreoffice.org/about-us/security/advisories/CVE-2017-12607 NOTE: https://cgit.freedesktop.org/libreoffice/core/commit/?id=334dba623dfb0c4fb2b5292c2d03741b7b33aef1 CVE-2017-12606 (OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of ...) - {DLA-1438-1 DLA-1117-1} + {DLA-2799-1 DLA-1438-1 DLA-1117-1} [experimental] - opencv 3.4.4+dfsg-1~exp1 - opencv 3.2.0+dfsg-6 (bug #872044) NOTE: https://github.com/opencv/opencv/issues/9309 CVE-2017-12605 (OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of ...) - {DLA-1438-1 DLA-1117-1} + {DLA-2799-1 DLA-1438-1 DLA-1117-1} [experimental] - opencv 3.4.4+dfsg-1~exp1 - opencv 3.2.0+dfsg-6 (bug #872044) NOTE: https://github.com/opencv/opencv/issues/9309 CVE-2017-12604 (OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of ...) - {DLA-1438-1 DLA-1117-1} + {DLA-2799-1 DLA-1438-1 DLA-1117-1} [experimental] - opencv 3.4.4+dfsg-1~exp1 - opencv 3.2.0+dfsg-6 (bug #872044) NOTE: https://github.com/opencv/opencv/issues/9309 CVE-2017-12603 (OpenCV (Open Source Computer Vision Library) through 3.3 has an invali ...) - {DLA-1438-1 DLA-1117-1} + {DLA-2799-1 DLA-1438-1 DLA-1117-1} [experimental] - opencv 3.4.4+dfsg-1~exp1 - opencv 3.2.0+dfsg-6 (bug #872044) NOTE: https://github.com/opencv/opencv/issues/9309 @@ -18135,7 +18135,7 @@ CVE-2017-12602 (OpenCV (Open Source Computer Vision Library) through 3.3 has a d [wheezy] - opencv <ignored> (Minor issue) NOTE: https://github.com/opencv/opencv/issues/9311 CVE-2017-12601 (OpenCV (Open Source Computer Vision Library) through 3.3 has a buffer ...) - {DLA-1438-1 DLA-1117-1} + {DLA-2799-1 DLA-1438-1 DLA-1117-1} [experimental] - opencv 3.4.4+dfsg-1~exp1 - opencv 3.2.0+dfsg-6 (bug #872044) NOTE: https://github.com/opencv/opencv/issues/9309 
@@ -18147,17 +18147,17 @@ CVE-2017-12600 (OpenCV (Open Source Computer Vision Library) through 3.3 has a d [wheezy] - opencv <ignored> (Minor issue) NOTE: https://github.com/opencv/opencv/issues/9311 CVE-2017-12599 (OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of ...) - {DLA-1438-1 DLA-1117-1} + {DLA-2799-1 DLA-1438-1 DLA-1117-1} [experimental] - opencv 3.4.4+dfsg-1~exp1 - opencv 3.2.0+dfsg-6 (bug #872044) NOTE: https://github.com/opencv/opencv/issues/9309 CVE-2017-12598 (OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of ...) - {DLA-1438-1 DLA-1117-1} + {DLA-2799-1 DLA-1438-1 DLA-1117-1} [experimental] - opencv 3.4.4+dfsg-1~exp1 - opencv 3.2.0+dfsg-6 (bug #872044) NOTE: https://github.com/opencv/opencv/issues/9309 CVE-2017-12597 (OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of ...) - {DLA-1438-1 DLA-1117-1} + {DLA-2799-1 DLA-1438-1 DLA-1117-1} [experimental] - opencv 3.4.4+dfsg-1~exp1 - opencv 3.2.0+dfsg-6 (bug #872044) NOTE: https://github.com/opencv/opencv/issues/9309 diff --git a/data/CVE/2018.list b/data/CVE/2018.list index 2c8688f947..7f37f2c9f4 100644 --- a/data/CVE/2018.list +++ b/data/CVE/2018.list 
@@ -42950,13 +42950,13 @@ CVE-2018-5271 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver fil CVE-2018-5270 (** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FA ...) NOT-FOR-US: Malwarebytes Premium CVE-2018-5269 (In OpenCV 3.3.1, an assertion failure happens in cv::RBaseStream::setP ...) - {DLA-1438-1 DLA-1354-1} + {DLA-2799-1 DLA-1438-1 DLA-1354-1} [experimental] - opencv 3.4.4+dfsg-1~exp1 - opencv 3.2.0+dfsg-6 (bug #886675) NOTE: https://github.com/opencv/opencv/issues/10540 NOTE: 2.4 backport: https://patch-diff.githubusercontent.com/raw/opencv/opencv/pull/10901.patch CVE-2018-5268 (In OpenCV 3.3.1, a heap-based buffer overflow happens in cv::Jpeg2KDec ...) - {DLA-1438-1 DLA-1354-1} + {DLA-2799-1 DLA-1438-1 DLA-1354-1} [experimental] - opencv 3.4.4+dfsg-1~exp1 - opencv 3.2.0+dfsg-6 (bug #886674) NOTE: https://github.com/opencv/opencv/issues/10541 diff --git a/data/CVE/2019.list b/data/CVE/2019.list index 54e23ec2ad..176617c1e4 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -12940,6 +12940,7 @@ CVE-2019-15941 (OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may all CVE-2019-15940 (Victure PC530 devices allow unauthenticated TELNET access as root. ...) NOT-FOR-US: Victure PC530 devices CVE-2019-15939 (An issue was discovered in OpenCV 4.1.0. There is a divide-by-zero err ...) + {DLA-2799-1} - opencv 4.1.2+dfsg-3 [buster] - opencv <no-dsa> (Minor issue) [jessie] - opencv <no-dsa> (Minor issue) @@ -16935,6 +16936,7 @@ CVE-2019-14494 (An issue was discovered in Poppler through 0.78.0. There is a di NOTE: https://gitlab.freedesktop.org/poppler/poppler/merge_requests/317 NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/b224e2f5739fe61de9fa69955d016725b2a4b78d CVE-2019-14493 (An issue was discovered in OpenCV before 4.1.1. There is a NULL pointe ...) + {DLA-2799-1} [experimental] - opencv 4.1.1+dfsg-1 - opencv 4.1.2+dfsg-3 [buster] - opencv <no-dsa> (Minor issue) 
diff --git a/data/CVE/2020.list b/data/CVE/2020.list index af266fc8bf..d9e1c4cbb6 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -12473,8 +12473,8 @@ CVE-2020-25883 RESERVED CVE-2020-25882 RESERVED -CVE-2020-25881 - RESERVED +CVE-2020-25881 (A vulnerability was discovered in the filename parameter in pathindex. ...) + TODO: check CVE-2020-25880 RESERVED CVE-2020-25879 (A stored cross site scripting (XSS) vulnerability in the 'Manage Users ...) @@ -12489,10 +12489,10 @@ CVE-2020-25875 (A stored cross site scripting (XSS) vulnerability in the 'Smiley NOT-FOR-US: Codoforum CVE-2020-25874 RESERVED -CVE-2020-25873 - RESERVED -CVE-2020-25872 - RESERVED +CVE-2020-25873 (A directory traversal vulnerability in the component system/manager/cl ...) + TODO: check +CVE-2020-25872 (A vulnerability exists within the FileManagerController.php function i ...) + TODO: check CVE-2020-25871 RESERVED CVE-2020-25870 @@ -50170,6 +50170,7 @@ CVE-2020-10003 (An issue existed within the path validation logic for symlinks. CVE-2020-10002 (A logic issue was addressed with improved state management. This issue ...) NOT-FOR-US: Apple CVE-2020-10001 (An input validation issue was addressed with improved memory handling. ...) + {DLA-2800-1} - cups 2.3.3op2-1 [buster] - cups <no-dsa> (Minor issue) NOTE: https://github.com/OpenPrinting/cups/commit/efbea1742bd30f842fbbfb87a473e5c84f4162f9 (v2.3.3op2) diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 6afabc3e33..49e51ee2c2 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list 
@@ -57705,18 +57705,18 @@ CVE-2021-1125 RESERVED CVE-2021-1124 RESERVED -CVE-2021-1123 - RESERVED -CVE-2021-1122 - RESERVED -CVE-2021-1121 - RESERVED -CVE-2021-1120 - RESERVED -CVE-2021-1119 - RESERVED -CVE-2021-1118 - RESERVED +CVE-2021-1123 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manag ...) + TODO: check +CVE-2021-1122 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manag ...) + TODO: check +CVE-2021-1121 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manag ...) + TODO: check +CVE-2021-1120 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manag ...) + TODO: check +CVE-2021-1119 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manag ...) + TODO: check +CVE-2021-1118 (NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manag ...) + TODO: check CVE-2021-1117 (Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sy ...) TODO: check CVE-2021-1116 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the ...) |
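
Review bot: In the two data/CVE/2019.list hunks, the `{DLA-2799-1}` reference added under CVE-2019-15939 and CVE-2019-14493 has no release-tagged line beside it that records which suite the advisory covers or the version that fixes it. The visible context shows only `[buster] - opencv <no-dsa> (Minor issue)` and, for CVE-2019-15939, `[jessie] - opencv <no-dsa> (Minor issue)`. Anyone reading these entries alone cannot tell from this diff what was fixed where, so confirm that the fixed version for the advisory's suite is recorded in the corresponding advisory list entry, and that the `<no-dsa>` states shown here are still the intended status for the other suites.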
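
Review bot: In the data/CVE/2020.list hunk at 50170, CVE-2020-10001 gains `{DLA-2800-1}` while the line `[buster] - cups <no-dsa> (Minor issue)` stays unchanged two lines below it. An entry that now references a published advisory but still rates the issue as minor for buster is worth a second look: either add a short NOTE explaining why buster stays at `<no-dsa>`, or revisit that status in a follow-up commit.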
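
Review bot: The nine entries that move from `RESERVED` to a description (CVE-2020-25881, CVE-2020-25873 and CVE-2020-25872 in data/CVE/2020.list, and CVE-2021-1118 through CVE-2021-1123 in data/CVE/2021.list) are all left at `TODO: check`, so none of them carries a package line or a `NOT-FOR-US:` decision yet. The descriptions are truncated with "...", and for the three 2020 entries the visible text does not name the affected product, so triage needs the full CVE text rather than these lines. The context lines show CVE-2021-1117 and CVE-2021-1116 still at `TODO: check` as well; handling the whole NVIDIA run in one triage pass would keep the block consistent.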