diff --git a/charts/stable/deluge/CHANGELOG.md b/charts/stable/deluge/CHANGELOG.md index 8a563ef7e82..66229b9d677 100644 --- a/charts/stable/deluge/CHANGELOG.md +++ b/charts/stable/deluge/CHANGELOG.md @@ -1,6 +1,15 @@ # Changelog
+ +### [deluge-9.0.37](https://github.com/truecharts/apps/compare/deluge-9.0.36...deluge-9.0.37) (2022-01-31) + +#### Fix + +* rofs false ([#1821](https://github.com/truecharts/apps/issues/1821)) + + + ### [deluge-9.0.36](https://github.com/truecharts/apps/compare/deluge-9.0.35...deluge-9.0.36) (2022-01-25) diff --git a/charts/stable/deluge/helm-values.md b/charts/stable/deluge/helm-values.md index 95265c50d13..c6ce5239520 100644 --- a/charts/stable/deluge/helm-values.md +++ b/charts/stable/deluge/helm-values.md @@ -19,6 +19,7 @@ You will, however, be able to use all values referenced in the common chart here | persistence.varrun.enabled | bool | `true` | | | podSecurityContext.runAsGroup | int | `0` | | | podSecurityContext.runAsUser | int | `0` | | +| securityContext.readOnlyRootFilesystem | bool | `false` | | | securityContext.runAsNonRoot | bool | `false` | | | service.main.ports.main.port | int | `8112` | | | service.main.ports.main.targetPort | int | `8112` | | diff --git a/charts/stable/deluge/security.md b/charts/stable/deluge/security.md index 1551e86ea31..571eb47a571 100644 --- a/charts/stable/deluge/security.md +++ b/charts/stable/deluge/security.md @@ -20,6 +20,7 @@ hide: | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |
Expand... The container should drop all default capabilities and add only those that are needed for its execution.


Container 'RELEASE-NAME-deluge' of Deployment 'RELEASE-NAME-deluge' should add 'ALL' to 'securityContext.capabilities.drop'
|
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
| | Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM |
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.


Container 'RELEASE-NAME-deluge' of Deployment 'RELEASE-NAME-deluge' should set 'securityContext.runAsNonRoot' to true
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
| | Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM |
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.


Container 'autopermissions' of Deployment 'RELEASE-NAME-deluge' should set 'securityContext.runAsNonRoot' to true
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
| +| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.


Container 'RELEASE-NAME-deluge' of Deployment 'RELEASE-NAME-deluge' should set 'securityContext.readOnlyRootFilesystem' to true
|
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.


Container 'autopermissions' of Deployment 'RELEASE-NAME-deluge' should set 'securityContext.readOnlyRootFilesystem' to true
|
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
| | Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM |
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.


Container 'RELEASE-NAME-deluge' of Deployment 'RELEASE-NAME-deluge' should set 'securityContext.runAsUser' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
| | Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM |
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.


Container 'autopermissions' of Deployment 'RELEASE-NAME-deluge' should set 'securityContext.runAsUser' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
| @@ -78,9 +79,11 @@ hide: | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | |
Expand...http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
| +| bsdutils | CVE-2021-37600 | LOW | 2.31.1-0.4ubuntu3.7 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37600
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
| | coreutils | CVE-2016-2781 | LOW | 8.28-1ubuntu1 | |
Expand...http://seclists.org/oss-sec/2016/q1/452
http://www.openwall.com/lists/oss-security/2016/02/28/2
http://www.openwall.com/lists/oss-security/2016/02/28/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lore.kernel.org/patchwork/patch/793178/
| | dbus | CVE-2020-35512 | LOW | 1.12.2-1ubuntu1.2 | |
Expand...https://bugs.gentoo.org/755392
https://bugzilla.redhat.com/show_bug.cgi?id=1909101
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35512
https://gitlab.freedesktop.org/dbus/dbus/-/commit/2b7948ef907669e844b52c4fa2268d6e3162a70c (dbus-1.13.18)
https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)
https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)
https://gitlab.freedesktop.org/dbus/dbus/-/issues/305
https://gitlab.freedesktop.org/dbus/dbus/-/issues/305#note_829128
https://security-tracker.debian.org/tracker/CVE-2020-35512
https://ubuntu.com/security/notices/USN-5244-1
| | dirmngr | CVE-2019-13050 | LOW | 2.2.4-1ubuntu1.4 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00039.html
https://access.redhat.com/articles/4264021
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13050
https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f
https://linux.oracle.com/cve/CVE-2019-13050.html
https://linux.oracle.com/errata/ELSA-2020-4490.html
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUK2YRO6QIH64WP2LRA5D4LACTXQPPU4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP4ON34YEXEZDZOXXWV43KVGGO6WZLJ5/
https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html
https://support.f5.com/csp/article/K08654551
https://support.f5.com/csp/article/K08654551?utm_source=f5support&utm_medium=RSS
https://twitter.com/lambdafu/status/1147162583969009664
| +| fdisk | CVE-2021-37600 | LOW | 2.31.1-0.4ubuntu3.7 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37600
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
| | gcc-8-base | CVE-2020-13844 | MEDIUM | 8.4.0-1ubuntu1~18.04 | |
Expand...http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00040.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions
https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8
| | gnupg | CVE-2019-13050 | LOW | 2.2.4-1ubuntu1.4 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00039.html
https://access.redhat.com/articles/4264021
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13050
https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f
https://linux.oracle.com/cve/CVE-2019-13050.html
https://linux.oracle.com/errata/ELSA-2020-4490.html
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUK2YRO6QIH64WP2LRA5D4LACTXQPPU4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP4ON34YEXEZDZOXXWV43KVGGO6WZLJ5/
https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html
https://support.f5.com/csp/article/K08654551
https://support.f5.com/csp/article/K08654551?utm_source=f5support&utm_medium=RSS
https://twitter.com/lambdafu/status/1147162583969009664
| | gnupg-l10n | CVE-2019-13050 | LOW | 2.2.4-1ubuntu1.4 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00039.html
https://access.redhat.com/articles/4264021
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13050
https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f
https://linux.oracle.com/cve/CVE-2019-13050.html
https://linux.oracle.com/errata/ELSA-2020-4490.html
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUK2YRO6QIH64WP2LRA5D4LACTXQPPU4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP4ON34YEXEZDZOXXWV43KVGGO6WZLJ5/
https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html
https://support.f5.com/csp/article/K08654551
https://support.f5.com/csp/article/K08654551?utm_source=f5support&utm_medium=RSS
https://twitter.com/lambdafu/status/1147162583969009664
| @@ -99,8 +102,8 @@ hide: | libapparmor1 | CVE-2016-1585 | MEDIUM | 2.12-4ubuntu5.1 | |
Expand...https://bugs.launchpad.net/apparmor/+bug/1597017
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1585
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libasn1-8-heimdal | CVE-2019-12098 | LOW | 7.5.0+dfsg-1 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00026.html
http://www.h5l.org/pipermail/heimdal-announce/2019-May/000009.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12098
https://github.com/heimdal/heimdal/commit/2f7f3d9960aa6ea21358bdf3687cee5149aa35cf
https://github.com/heimdal/heimdal/compare/3e58559...bbafe72
https://github.com/heimdal/heimdal/releases/tag/heimdal-7.6.0
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GIXEDVVMPD6ZAJSMI2EZ7FNEIVNWE5PD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SLXXIF4LOQEAEDAF4UGP2AO6WDNTDFUB/
https://seclists.org/bugtraq/2019/Jun/1
https://www.debian.org/security/2019/dsa-4455
| | libasn1-8-heimdal | CVE-2021-3671 | LOW | 7.5.0+dfsg-1 | |
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| +| libblkid1 | CVE-2021-37600 | LOW | 2.31.1-0.4ubuntu3.7 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37600
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
| | libc-bin | CVE-2021-38604 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38604
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP/
https://security.netapp.com/advisory/ntap-20210909-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28213
https://sourceware.org/git/?p=glibc.git;a=commit;h=4cc79c217744743077bf7a0ec5e0a4318f1e6641
https://sourceware.org/git/?p=glibc.git;a=commit;h=b805aebd42364fe696e417808a700fdb9800c9e8
| -| libc-bin | CVE-2021-3998 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3998
https://www.openwall.com/lists/oss-security/2022/01/24/4
| | libc-bin | CVE-2021-3999 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999
https://www.openwall.com/lists/oss-security/2022/01/24/4
| | libc-bin | CVE-2022-23218 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218
https://sourceware.org/bugzilla/show_bug.cgi?id=28768
| | libc-bin | CVE-2022-23219 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219
https://sourceware.org/bugzilla/show_bug.cgi?id=22542
| @@ -110,12 +113,12 @@ hide: | libc-bin | CVE-2016-10739 | LOW | 2.27-3ubuntu1.4 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00082.html
http://www.securityfocus.com/bid/106672
https://access.redhat.com/errata/RHSA-2019:2118
https://access.redhat.com/errata/RHSA-2019:3513
https://bugzilla.redhat.com/show_bug.cgi?id=1347549
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10739
https://linux.oracle.com/cve/CVE-2016-10739.html
https://linux.oracle.com/errata/ELSA-2019-3513.html
https://sourceware.org/bugzilla/show_bug.cgi?id=20018
| | libc-bin | CVE-2019-25013 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013
https://linux.oracle.com/cve/CVE-2019-25013.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.netapp.com/advisory/ntap-20210205-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=24973
https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b
| | libc-bin | CVE-2020-27618 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618
https://linux.oracle.com/cve/CVE-2020-27618.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.netapp.com/advisory/ntap-20210401-0006/
https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
https://sourceware.org/bugzilla/show_bug.cgi?id=26224
| +| libc-bin | CVE-2020-29562 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29562
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.gentoo.org/glsa/202101-20
https://security.netapp.com/advisory/ntap-20210122-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=26923
https://sourceware.org/pipermail/libc-alpha/2020-November/119822.html
| | libc-bin | CVE-2020-6096 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/
https://security.gentoo.org/glsa/202101-20
https://sourceware.org/bugzilla/attachment.cgi?id=12334
https://sourceware.org/bugzilla/show_bug.cgi?id=25620
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019
https://ubuntu.com/security/notices/USN-4954-1
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019
| | libc-bin | CVE-2021-3326 | LOW | 2.27-3ubuntu1.4 | |
Expand...http://www.openwall.com/lists/oss-security/2021/01/28/2
https://bugs.chromium.org/p/project-zero/issues/detail?id=2146
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326
https://linux.oracle.com/cve/CVE-2021-3326.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.netapp.com/advisory/ntap-20210304-0007/
https://sourceware.org/bugzilla/show_bug.cgi?id=27256
https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888
https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html
| -| libc-bin | CVE-2021-33574 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574
https://linux.oracle.com/cve/CVE-2021-33574.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210629-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=27896
https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1
| +| libc-bin | CVE-2021-33574 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574
https://linux.oracle.com/cve/CVE-2021-33574.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210629-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=27896
https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1
| | libc-bin | CVE-2021-35942 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942
https://linux.oracle.com/cve/CVE-2021-35942.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://security.netapp.com/advisory/ntap-20210827-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28011
https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/glibc/wiki/Security%20Exceptions
| | libc6 | CVE-2021-38604 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38604
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP/
https://security.netapp.com/advisory/ntap-20210909-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28213
https://sourceware.org/git/?p=glibc.git;a=commit;h=4cc79c217744743077bf7a0ec5e0a4318f1e6641
https://sourceware.org/git/?p=glibc.git;a=commit;h=b805aebd42364fe696e417808a700fdb9800c9e8
| -| libc6 | CVE-2021-3998 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3998
https://www.openwall.com/lists/oss-security/2022/01/24/4
| | libc6 | CVE-2021-3999 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999
https://www.openwall.com/lists/oss-security/2022/01/24/4
| | libc6 | CVE-2022-23218 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218
https://sourceware.org/bugzilla/show_bug.cgi?id=28768
| | libc6 | CVE-2022-23219 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219
https://sourceware.org/bugzilla/show_bug.cgi?id=22542
| @@ -125,12 +128,15 @@ hide: | libc6 | CVE-2016-10739 | LOW | 2.27-3ubuntu1.4 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00082.html
http://www.securityfocus.com/bid/106672
https://access.redhat.com/errata/RHSA-2019:2118
https://access.redhat.com/errata/RHSA-2019:3513
https://bugzilla.redhat.com/show_bug.cgi?id=1347549
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10739
https://linux.oracle.com/cve/CVE-2016-10739.html
https://linux.oracle.com/errata/ELSA-2019-3513.html
https://sourceware.org/bugzilla/show_bug.cgi?id=20018
| | libc6 | CVE-2019-25013 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013
https://linux.oracle.com/cve/CVE-2019-25013.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.netapp.com/advisory/ntap-20210205-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=24973
https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b
| | libc6 | CVE-2020-27618 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618
https://linux.oracle.com/cve/CVE-2020-27618.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.netapp.com/advisory/ntap-20210401-0006/
https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
https://sourceware.org/bugzilla/show_bug.cgi?id=26224
| +| libc6 | CVE-2020-29562 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29562
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.gentoo.org/glsa/202101-20
https://security.netapp.com/advisory/ntap-20210122-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=26923
https://sourceware.org/pipermail/libc-alpha/2020-November/119822.html
| | libc6 | CVE-2020-6096 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/
https://security.gentoo.org/glsa/202101-20
https://sourceware.org/bugzilla/attachment.cgi?id=12334
https://sourceware.org/bugzilla/show_bug.cgi?id=25620
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019
https://ubuntu.com/security/notices/USN-4954-1
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019
| | libc6 | CVE-2021-3326 | LOW | 2.27-3ubuntu1.4 | |
Expand...http://www.openwall.com/lists/oss-security/2021/01/28/2
https://bugs.chromium.org/p/project-zero/issues/detail?id=2146
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326
https://linux.oracle.com/cve/CVE-2021-3326.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.netapp.com/advisory/ntap-20210304-0007/
https://sourceware.org/bugzilla/show_bug.cgi?id=27256
https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888
https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html
| -| libc6 | CVE-2021-33574 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574
https://linux.oracle.com/cve/CVE-2021-33574.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210629-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=27896
https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1
| +| libc6 | CVE-2021-33574 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574
https://linux.oracle.com/cve/CVE-2021-33574.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210629-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=27896
https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1
| | libc6 | CVE-2021-35942 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942
https://linux.oracle.com/cve/CVE-2021-35942.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://security.netapp.com/advisory/ntap-20210827-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28011
https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/glibc/wiki/Security%20Exceptions
| | libdbus-1-3 | CVE-2020-35512 | LOW | 1.12.2-1ubuntu1.2 | |
Expand...https://bugs.gentoo.org/755392
https://bugzilla.redhat.com/show_bug.cgi?id=1909101
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35512
https://gitlab.freedesktop.org/dbus/dbus/-/commit/2b7948ef907669e844b52c4fa2268d6e3162a70c (dbus-1.13.18)
https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)
https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)
https://gitlab.freedesktop.org/dbus/dbus/-/issues/305
https://gitlab.freedesktop.org/dbus/dbus/-/issues/305#note_829128
https://security-tracker.debian.org/tracker/CVE-2020-35512
https://ubuntu.com/security/notices/USN-5244-1
| | libexpat1 | CVE-2022-23852 | MEDIUM | 2.2.5-3ubuntu0.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
https://github.com/libexpat/libexpat/pull/550
| +| libexpat1 | CVE-2022-23990 | MEDIUM | 2.2.5-3ubuntu0.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
https://github.com/libexpat/libexpat/pull/551
| +| libfdisk1 | CVE-2021-37600 | LOW | 2.31.1-0.4ubuntu3.7 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37600
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
| | libgcc1 | CVE-2020-13844 | MEDIUM | 8.4.0-1ubuntu1~18.04 | |
Expand...http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00040.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions
https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8
| | libglib2.0-0 | CVE-2021-3800 | MEDIUM | 2.56.4-0ubuntu0.18.04.8 | 2.56.4-0ubuntu0.18.04.9 |
Expand...https://access.redhat.com/security/cve/CVE-2021-3800
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3800
https://linux.oracle.com/cve/CVE-2021-3800.html
https://linux.oracle.com/errata/ELSA-2021-4385.html
https://ubuntu.com/security/notices/USN-5189-1
https://www.openwall.com/lists/oss-security/2017/06/23/8
| | libglib2.0-data | CVE-2021-3800 | MEDIUM | 2.56.4-0ubuntu0.18.04.8 | 2.56.4-0ubuntu0.18.04.9 |
Expand...https://access.redhat.com/security/cve/CVE-2021-3800
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3800
https://linux.oracle.com/cve/CVE-2021-3800.html
https://linux.oracle.com/errata/ELSA-2021-4385.html
https://ubuntu.com/security/notices/USN-5189-1
https://www.openwall.com/lists/oss-security/2017/06/23/8
| @@ -166,6 +172,7 @@ hide: | libkrb5support0 | CVE-2021-36222 | MEDIUM | 1.16-2ubuntu0.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libkrb5support0 | CVE-2018-5709 | LOW | 1.16-2ubuntu0.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libkrb5support0 | CVE-2018-5710 | LOW | 1.16-2ubuntu0.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5710
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Denial%20Of%20Service(DoS)
| +| libmount1 | CVE-2021-37600 | LOW | 2.31.1-0.4ubuntu3.7 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37600
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
| | libncurses5 | CVE-2019-17594 | LOW | 6.1-1ubuntu1.18.04 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17594
https://linux.oracle.com/cve/CVE-2019-17594.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00017.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28
| | libncurses5 | CVE-2019-17595 | LOW | 6.1-1ubuntu1.18.04 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595
https://linux.oracle.com/cve/CVE-2019-17595.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28
| | libncursesw5 | CVE-2019-17594 | LOW | 6.1-1ubuntu1.18.04 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17594
https://linux.oracle.com/cve/CVE-2019-17594.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00017.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28
| @@ -178,17 +185,25 @@ hide: | libpng16-16 | CVE-2018-14048 | LOW | 1.6.34-1ubuntu0.18.04.2 | |
Expand...http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14048
https://github.com/fouzhe/security/tree/master/libpng
https://github.com/glennrp/libpng/issues/238
https://seclists.org/bugtraq/2019/Apr/30
https://security.gentoo.org/glsa/201908-02
| | libpython3.6-minimal | CVE-2021-3733 | MEDIUM | 3.6.9-1~18.04ubuntu1.4 | 3.6.9-1~18.04ubuntu1.6 |
Expand...https://bugs.python.org/issue43075
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3733
https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-14-final
https://docs.python.org/3.7/whatsnew/changelog.html#python-3-7-11-final
https://docs.python.org/3.8/whatsnew/changelog.html#python-3-8-10-final
https://docs.python.org/3.9/whatsnew/changelog.html#python-3-9-5-final
https://github.com/python/cpython/commit/3fbe96123aeb66664fa547a8f6022efa2dc8788f (3.6.14)
https://github.com/python/cpython/commit/7215d1ae25525c92b026166f9d5cac85fb1defe1 (master)
https://github.com/python/cpython/commit/a21d4fbd549ec9685068a113660553d7f80d9b09 (3.9.5)
https://github.com/python/cpython/commit/ada14995870abddc277addf57dd690a2af04c2da (3.7.11)
https://github.com/python/cpython/commit/e7654b6046090914a8323931ed759a94a5f85d60 (3.8.10)
https://github.com/python/cpython/pull/24391
https://linux.oracle.com/cve/CVE-2021-3733.html
https://linux.oracle.com/errata/ELSA-2021-4160.html
https://ubuntu.com/security/notices/USN-5083-1
https://ubuntu.com/security/notices/USN-5199-1
https://ubuntu.com/security/notices/USN-5200-1
| | libpython3.6-minimal | CVE-2021-3737 | MEDIUM | 3.6.9-1~18.04ubuntu1.4 | 3.6.9-1~18.04ubuntu1.6 |
Expand...https://bugs.python.org/issue44022
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3737
https://github.com/python/cpython/commit/0389426fa4af4dfc8b1d7f3f291932d928392d8b (3.8 branch)
https://github.com/python/cpython/commit/078b146f062d212919d0ba25e34e658a8234aa63 (v3.7.11)
https://github.com/python/cpython/commit/1b6f4e5e13ebd1f957b47f7415b53d0869bdbac6 (v3.6.14
https://github.com/python/cpython/commit/5df4abd6b033a5f1e48945c6988b45e35e76f647 (v3.9.6)
https://github.com/python/cpython/commit/60ba0b68470a584103e28958d91e93a6db37ec92 (v3.10.0b2)
https://github.com/python/cpython/commit/98e5a7975d99b58d511f171816ecdfb13d5cca18 (v3.10.0b3)
https://github.com/python/cpython/commit/ea9327036680acc92d9f89eaf6f6a54d2f8d78d9 (v3.9.6)
https://github.com/python/cpython/commit/f396864ddfe914531b5856d7bf852808ebfc01ae (v3.8.11)
https://github.com/python/cpython/commit/f68d2d69f1da56c2aea1293ecf93ab69a6010ad7 (v3.6.14)
https://github.com/python/cpython/commit/fee96422e6f0056561cf74fef2012cc066c9db86 (v3.7.11)
https://github.com/python/cpython/pull/25916
https://github.com/python/cpython/pull/26503
https://linux.oracle.com/cve/CVE-2021-3737.html
https://linux.oracle.com/errata/ELSA-2021-4160.html
https://ubuntu.com/security/notices/USN-5083-1
https://ubuntu.com/security/notices/USN-5199-1
https://ubuntu.com/security/notices/USN-5200-1
https://ubuntu.com/security/notices/USN-5201-1
| +| libpython3.6-minimal | CVE-2021-4189 | MEDIUM | 3.6.9-1~18.04ubuntu1.4 | |
Expand...https://bugs.python.org/issue43285
https://bugzilla.redhat.com/show_bug.cgi?id=2036020
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4189
https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e (master)
https://github.com/python/cpython/commit/4134f154ae2f621f25c5d698cc0f1748035a1b88 (v3.6.14)
https://github.com/python/cpython/commit/79373951b3eab585d42e0f0ab83718cbe1d0ee33 (v3.7.11)
https://github.com/python/cpython/commit/7dcb4baa4f0fde3aef5122a8e9f6a41853ec9335 (v3.9.3)
| | libpython3.6-minimal | CVE-2021-23336 | LOW | 3.6.9-1~18.04ubuntu1.4 | |
Expand...http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-4162.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libpython3.6-minimal | CVE-2021-3426 | LOW | 3.6.9-1~18.04ubuntu1.4 | |
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=1935913
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3426
https://github.com/python/cpython/pull/24285
https://github.com/python/cpython/pull/24337
https://linux.oracle.com/cve/CVE-2021-3426.html
https://linux.oracle.com/errata/ELSA-2021-9562.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/
https://python-security.readthedocs.io/vuln/pydoc-getfile.html
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210629-0003/
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libpython3.6-stdlib | CVE-2021-3733 | MEDIUM | 3.6.9-1~18.04ubuntu1.4 | 3.6.9-1~18.04ubuntu1.6 |
Expand...https://bugs.python.org/issue43075
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3733
https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-14-final
https://docs.python.org/3.7/whatsnew/changelog.html#python-3-7-11-final
https://docs.python.org/3.8/whatsnew/changelog.html#python-3-8-10-final
https://docs.python.org/3.9/whatsnew/changelog.html#python-3-9-5-final
https://github.com/python/cpython/commit/3fbe96123aeb66664fa547a8f6022efa2dc8788f (3.6.14)
https://github.com/python/cpython/commit/7215d1ae25525c92b026166f9d5cac85fb1defe1 (master)
https://github.com/python/cpython/commit/a21d4fbd549ec9685068a113660553d7f80d9b09 (3.9.5)
https://github.com/python/cpython/commit/ada14995870abddc277addf57dd690a2af04c2da (3.7.11)
https://github.com/python/cpython/commit/e7654b6046090914a8323931ed759a94a5f85d60 (3.8.10)
https://github.com/python/cpython/pull/24391
https://linux.oracle.com/cve/CVE-2021-3733.html
https://linux.oracle.com/errata/ELSA-2021-4160.html
https://ubuntu.com/security/notices/USN-5083-1
https://ubuntu.com/security/notices/USN-5199-1
https://ubuntu.com/security/notices/USN-5200-1
| | libpython3.6-stdlib | CVE-2021-3737 | MEDIUM | 3.6.9-1~18.04ubuntu1.4 | 3.6.9-1~18.04ubuntu1.6 |
Expand...https://bugs.python.org/issue44022
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3737
https://github.com/python/cpython/commit/0389426fa4af4dfc8b1d7f3f291932d928392d8b (3.8 branch)
https://github.com/python/cpython/commit/078b146f062d212919d0ba25e34e658a8234aa63 (v3.7.11)
https://github.com/python/cpython/commit/1b6f4e5e13ebd1f957b47f7415b53d0869bdbac6 (v3.6.14
https://github.com/python/cpython/commit/5df4abd6b033a5f1e48945c6988b45e35e76f647 (v3.9.6)
https://github.com/python/cpython/commit/60ba0b68470a584103e28958d91e93a6db37ec92 (v3.10.0b2)
https://github.com/python/cpython/commit/98e5a7975d99b58d511f171816ecdfb13d5cca18 (v3.10.0b3)
https://github.com/python/cpython/commit/ea9327036680acc92d9f89eaf6f6a54d2f8d78d9 (v3.9.6)
https://github.com/python/cpython/commit/f396864ddfe914531b5856d7bf852808ebfc01ae (v3.8.11)
https://github.com/python/cpython/commit/f68d2d69f1da56c2aea1293ecf93ab69a6010ad7 (v3.6.14)
https://github.com/python/cpython/commit/fee96422e6f0056561cf74fef2012cc066c9db86 (v3.7.11)
https://github.com/python/cpython/pull/25916
https://github.com/python/cpython/pull/26503
https://linux.oracle.com/cve/CVE-2021-3737.html
https://linux.oracle.com/errata/ELSA-2021-4160.html
https://ubuntu.com/security/notices/USN-5083-1
https://ubuntu.com/security/notices/USN-5199-1
https://ubuntu.com/security/notices/USN-5200-1
https://ubuntu.com/security/notices/USN-5201-1
| +| libpython3.6-stdlib | CVE-2021-4189 | MEDIUM | 3.6.9-1~18.04ubuntu1.4 | |
Expand...https://bugs.python.org/issue43285
https://bugzilla.redhat.com/show_bug.cgi?id=2036020
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4189
https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e (master)
https://github.com/python/cpython/commit/4134f154ae2f621f25c5d698cc0f1748035a1b88 (v3.6.14)
https://github.com/python/cpython/commit/79373951b3eab585d42e0f0ab83718cbe1d0ee33 (v3.7.11)
https://github.com/python/cpython/commit/7dcb4baa4f0fde3aef5122a8e9f6a41853ec9335 (v3.9.3)
| | libpython3.6-stdlib | CVE-2021-23336 | LOW | 3.6.9-1~18.04ubuntu1.4 | |
Expand...http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-4162.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libpython3.6-stdlib | CVE-2021-3426 | LOW | 3.6.9-1~18.04ubuntu1.4 | |
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=1935913
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3426
https://github.com/python/cpython/pull/24285
https://github.com/python/cpython/pull/24337
https://linux.oracle.com/cve/CVE-2021-3426.html
https://linux.oracle.com/errata/ELSA-2021-9562.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/
https://python-security.readthedocs.io/vuln/pydoc-getfile.html
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210629-0003/
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libroken18-heimdal | CVE-2019-12098 | LOW | 7.5.0+dfsg-1 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00026.html
http://www.h5l.org/pipermail/heimdal-announce/2019-May/000009.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12098
https://github.com/heimdal/heimdal/commit/2f7f3d9960aa6ea21358bdf3687cee5149aa35cf
https://github.com/heimdal/heimdal/compare/3e58559...bbafe72
https://github.com/heimdal/heimdal/releases/tag/heimdal-7.6.0
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GIXEDVVMPD6ZAJSMI2EZ7FNEIVNWE5PD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SLXXIF4LOQEAEDAF4UGP2AO6WDNTDFUB/
https://seclists.org/bugtraq/2019/Jun/1
https://www.debian.org/security/2019/dsa-4455
| | libroken18-heimdal | CVE-2021-3671 | LOW | 7.5.0+dfsg-1 | |
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| +| libsepol1 | CVE-2021-36084 | LOW | 2.7-1 | |
Expand...https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084
https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml
https://linux.oracle.com/cve/CVE-2021-36084.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
| +| libsepol1 | CVE-2021-36085 | LOW | 2.7-1 | |
Expand...https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085
https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml
https://linux.oracle.com/cve/CVE-2021-36085.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
| +| libsepol1 | CVE-2021-36086 | LOW | 2.7-1 | |
Expand...https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086
https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml
https://linux.oracle.com/cve/CVE-2021-36086.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
| +| libsepol1 | CVE-2021-36087 | LOW | 2.7-1 | |
Expand...https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087
https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml
https://linux.oracle.com/cve/CVE-2021-36087.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/
| +| libsmartcols1 | CVE-2021-37600 | LOW | 2.31.1-0.4ubuntu3.7 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37600
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
| | libsqlite3-0 | CVE-2020-9794 | MEDIUM | 3.22.0-1ubuntu0.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/HT211168
https://support.apple.com/HT211170
https://support.apple.com/HT211171
https://support.apple.com/HT211175
https://support.apple.com/HT211178
https://support.apple.com/HT211179
https://support.apple.com/HT211181
https://vuldb.com/?id.155768
| | libsqlite3-0 | CVE-2020-9849 | LOW | 3.22.0-1ubuntu0.4 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9849
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/en-us/HT211935
https://support.apple.com/en-us/HT211952
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9849/
| | libsqlite3-0 | CVE-2020-9991 | LOW | 3.22.0-1ubuntu0.4 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9991
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211847
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/kb/HT211846
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9991/
| +| libsqlite3-0 | CVE-2021-36690 | LOW | 3.22.0-1ubuntu0.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690
https://www.sqlite.org/forum/forumpost/718c0a8d17
| | libstdc++6 | CVE-2020-13844 | MEDIUM | 8.4.0-1ubuntu1~18.04 | |
Expand...http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00040.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions
https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8
| | libtasn1-6 | CVE-2018-1000654 | LOW | 4.13-2 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html
http://www.securityfocus.com/bid/105151
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654
https://gitlab.com/gnutls/libtasn1/issues/4
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libtiff5 | CVE-2018-10126 | LOW | 4.0.9-5ubuntu0.4 | |
Expand...http://bugzilla.maptools.org/show_bug.cgi?id=2786
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10126
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| @@ -196,10 +211,10 @@ hide: | libtiff5 | CVE-2020-19144 | LOW | 4.0.9-5ubuntu0.4 | |
Expand...http://bugzilla.maptools.org/show_bug.cgi?id=2852
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-19144
https://gitlab.com/libtiff/libtiff/-/issues/159
https://lists.debian.org/debian-lts-announce/2021/10/msg00004.html
https://security.netapp.com/advisory/ntap-20211004-0005/
| | libtinfo5 | CVE-2019-17594 | LOW | 6.1-1ubuntu1.18.04 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17594
https://linux.oracle.com/cve/CVE-2019-17594.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00017.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28
| | libtinfo5 | CVE-2019-17595 | LOW | 6.1-1ubuntu1.18.04 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595
https://linux.oracle.com/cve/CVE-2019-17595.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28
| +| libuuid1 | CVE-2021-37600 | LOW | 2.31.1-0.4ubuntu3.7 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37600
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
| | libwind0-heimdal | CVE-2019-12098 | LOW | 7.5.0+dfsg-1 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00026.html
http://www.h5l.org/pipermail/heimdal-announce/2019-May/000009.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12098
https://github.com/heimdal/heimdal/commit/2f7f3d9960aa6ea21358bdf3687cee5149aa35cf
https://github.com/heimdal/heimdal/compare/3e58559...bbafe72
https://github.com/heimdal/heimdal/releases/tag/heimdal-7.6.0
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GIXEDVVMPD6ZAJSMI2EZ7FNEIVNWE5PD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SLXXIF4LOQEAEDAF4UGP2AO6WDNTDFUB/
https://seclists.org/bugtraq/2019/Jun/1
https://www.debian.org/security/2019/dsa-4455
| | libwind0-heimdal | CVE-2021-3671 | LOW | 7.5.0+dfsg-1 | |
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | locales | CVE-2021-38604 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38604
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP/
https://security.netapp.com/advisory/ntap-20210909-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28213
https://sourceware.org/git/?p=glibc.git;a=commit;h=4cc79c217744743077bf7a0ec5e0a4318f1e6641
https://sourceware.org/git/?p=glibc.git;a=commit;h=b805aebd42364fe696e417808a700fdb9800c9e8
| -| locales | CVE-2021-3998 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3998
https://www.openwall.com/lists/oss-security/2022/01/24/4
| | locales | CVE-2021-3999 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999
https://www.openwall.com/lists/oss-security/2022/01/24/4
| | locales | CVE-2022-23218 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218
https://sourceware.org/bugzilla/show_bug.cgi?id=28768
| | locales | CVE-2022-23219 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219
https://sourceware.org/bugzilla/show_bug.cgi?id=22542
| @@ -209,14 +224,15 @@ hide: | locales | CVE-2016-10739 | LOW | 2.27-3ubuntu1.4 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00082.html
http://www.securityfocus.com/bid/106672
https://access.redhat.com/errata/RHSA-2019:2118
https://access.redhat.com/errata/RHSA-2019:3513
https://bugzilla.redhat.com/show_bug.cgi?id=1347549
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10739
https://linux.oracle.com/cve/CVE-2016-10739.html
https://linux.oracle.com/errata/ELSA-2019-3513.html
https://sourceware.org/bugzilla/show_bug.cgi?id=20018
| | locales | CVE-2019-25013 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013
https://linux.oracle.com/cve/CVE-2019-25013.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.netapp.com/advisory/ntap-20210205-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=24973
https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b
| | locales | CVE-2020-27618 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618
https://linux.oracle.com/cve/CVE-2020-27618.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.netapp.com/advisory/ntap-20210401-0006/
https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
https://sourceware.org/bugzilla/show_bug.cgi?id=26224
| +| locales | CVE-2020-29562 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29562
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.gentoo.org/glsa/202101-20
https://security.netapp.com/advisory/ntap-20210122-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=26923
https://sourceware.org/pipermail/libc-alpha/2020-November/119822.html
| | locales | CVE-2020-6096 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/
https://security.gentoo.org/glsa/202101-20
https://sourceware.org/bugzilla/attachment.cgi?id=12334
https://sourceware.org/bugzilla/show_bug.cgi?id=25620
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019
https://ubuntu.com/security/notices/USN-4954-1
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019
| | locales | CVE-2021-3326 | LOW | 2.27-3ubuntu1.4 | |
Expand...http://www.openwall.com/lists/oss-security/2021/01/28/2
https://bugs.chromium.org/p/project-zero/issues/detail?id=2146
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326
https://linux.oracle.com/cve/CVE-2021-3326.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.netapp.com/advisory/ntap-20210304-0007/
https://sourceware.org/bugzilla/show_bug.cgi?id=27256
https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888
https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html
| -| locales | CVE-2021-33574 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574
https://linux.oracle.com/cve/CVE-2021-33574.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210629-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=27896
https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1
| +| locales | CVE-2021-33574 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574
https://linux.oracle.com/cve/CVE-2021-33574.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210629-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=27896
https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1
| | locales | CVE-2021-35942 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942
https://linux.oracle.com/cve/CVE-2021-35942.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://security.netapp.com/advisory/ntap-20210827-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28011
https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/glibc/wiki/Security%20Exceptions
| | login | CVE-2013-4235 | LOW | 1:4.5-1ubuntu2 | |
Expand...https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235
| -| login | CVE-2018-7169 | LOW | 1:4.5-1ubuntu2 | |
Expand...https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169
https://github.com/shadow-maint/shadow/pull/97
https://security.gentoo.org/glsa/201805-09
| +| login | CVE-2018-7169 | LOW | 1:4.5-1ubuntu2 | 1:4.5-1ubuntu2.2 |
Expand...https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169
https://github.com/shadow-maint/shadow/pull/97
https://security.gentoo.org/glsa/201805-09
https://ubuntu.com/security/notices/USN-5254-1
| +| mount | CVE-2021-37600 | LOW | 2.31.1-0.4ubuntu3.7 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37600
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
| | multiarch-support | CVE-2021-38604 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38604
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP/
https://security.netapp.com/advisory/ntap-20210909-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28213
https://sourceware.org/git/?p=glibc.git;a=commit;h=4cc79c217744743077bf7a0ec5e0a4318f1e6641
https://sourceware.org/git/?p=glibc.git;a=commit;h=b805aebd42364fe696e417808a700fdb9800c9e8
| -| multiarch-support | CVE-2021-3998 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3998
https://www.openwall.com/lists/oss-security/2022/01/24/4
| | multiarch-support | CVE-2021-3999 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999
https://www.openwall.com/lists/oss-security/2022/01/24/4
| | multiarch-support | CVE-2022-23218 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218
https://sourceware.org/bugzilla/show_bug.cgi?id=28768
| | multiarch-support | CVE-2022-23219 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219
https://sourceware.org/bugzilla/show_bug.cgi?id=22542
| @@ -226,28 +242,32 @@ hide: | multiarch-support | CVE-2016-10739 | LOW | 2.27-3ubuntu1.4 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00082.html
http://www.securityfocus.com/bid/106672
https://access.redhat.com/errata/RHSA-2019:2118
https://access.redhat.com/errata/RHSA-2019:3513
https://bugzilla.redhat.com/show_bug.cgi?id=1347549
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10739
https://linux.oracle.com/cve/CVE-2016-10739.html
https://linux.oracle.com/errata/ELSA-2019-3513.html
https://sourceware.org/bugzilla/show_bug.cgi?id=20018
| | multiarch-support | CVE-2019-25013 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013
https://linux.oracle.com/cve/CVE-2019-25013.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.netapp.com/advisory/ntap-20210205-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=24973
https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b
| | multiarch-support | CVE-2020-27618 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618
https://linux.oracle.com/cve/CVE-2020-27618.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.netapp.com/advisory/ntap-20210401-0006/
https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
https://sourceware.org/bugzilla/show_bug.cgi?id=26224
| +| multiarch-support | CVE-2020-29562 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29562
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.gentoo.org/glsa/202101-20
https://security.netapp.com/advisory/ntap-20210122-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=26923
https://sourceware.org/pipermail/libc-alpha/2020-November/119822.html
| | multiarch-support | CVE-2020-6096 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/
https://security.gentoo.org/glsa/202101-20
https://sourceware.org/bugzilla/attachment.cgi?id=12334
https://sourceware.org/bugzilla/show_bug.cgi?id=25620
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019
https://ubuntu.com/security/notices/USN-4954-1
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019
| | multiarch-support | CVE-2021-3326 | LOW | 2.27-3ubuntu1.4 | |
Expand...http://www.openwall.com/lists/oss-security/2021/01/28/2
https://bugs.chromium.org/p/project-zero/issues/detail?id=2146
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326
https://linux.oracle.com/cve/CVE-2021-3326.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.netapp.com/advisory/ntap-20210304-0007/
https://sourceware.org/bugzilla/show_bug.cgi?id=27256
https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888
https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html
| -| multiarch-support | CVE-2021-33574 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574
https://linux.oracle.com/cve/CVE-2021-33574.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210629-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=27896
https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1
| +| multiarch-support | CVE-2021-33574 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574
https://linux.oracle.com/cve/CVE-2021-33574.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210629-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=27896
https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1
| | multiarch-support | CVE-2021-35942 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942
https://linux.oracle.com/cve/CVE-2021-35942.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://security.netapp.com/advisory/ntap-20210827-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28011
https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/glibc/wiki/Security%20Exceptions
| | ncurses-base | CVE-2019-17594 | LOW | 6.1-1ubuntu1.18.04 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17594
https://linux.oracle.com/cve/CVE-2019-17594.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00017.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28
| | ncurses-base | CVE-2019-17595 | LOW | 6.1-1ubuntu1.18.04 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595
https://linux.oracle.com/cve/CVE-2019-17595.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28
| | ncurses-bin | CVE-2019-17594 | LOW | 6.1-1ubuntu1.18.04 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17594
https://linux.oracle.com/cve/CVE-2019-17594.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00017.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28
| | ncurses-bin | CVE-2019-17595 | LOW | 6.1-1ubuntu1.18.04 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595
https://linux.oracle.com/cve/CVE-2019-17595.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28
| | passwd | CVE-2013-4235 | LOW | 1:4.5-1ubuntu2 | |
Expand...https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235
| -| passwd | CVE-2018-7169 | LOW | 1:4.5-1ubuntu2 | |
Expand...https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169
https://github.com/shadow-maint/shadow/pull/97
https://security.gentoo.org/glsa/201805-09
| +| passwd | CVE-2018-7169 | LOW | 1:4.5-1ubuntu2 | 1:4.5-1ubuntu2.2 |
Expand...https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169
https://github.com/shadow-maint/shadow/pull/97
https://security.gentoo.org/glsa/201805-09
https://ubuntu.com/security/notices/USN-5254-1
| | perl-base | CVE-2020-16156 | MEDIUM | 5.26.1-6ubuntu0.5 | |
Expand...http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/
https://metacpan.org/pod/distribution/CPAN/scripts/cpan
| | python3-pil | CVE-2022-22815 | MEDIUM | 5.1.0-1ubuntu0.6 | 5.1.0-1ubuntu0.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22815
https://github.com/advisories/GHSA-pw3c-h7wp-cvhx
https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1dae44c8499f3/src/path.c#L331
https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22815
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling
https://ubuntu.com/security/notices/USN-5227-1
https://ubuntu.com/security/notices/USN-5227-2
https://www.debian.org/security/2022/dsa-5053
| -| python3-pil | CVE-2022-22817 | MEDIUM | 5.1.0-1ubuntu0.6 | 5.1.0-1ubuntu0.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22817
https://github.com/advisories/GHSA-8vj2-vxx3-667w
https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22817
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#restrict-builtins-available-to-imagemath-eval
https://ubuntu.com/security/notices/USN-5227-1
https://ubuntu.com/security/notices/USN-5227-2
https://www.debian.org/security/2022/dsa-5053
| +| python3-pil | CVE-2022-22817 | MEDIUM | 5.1.0-1ubuntu0.6 | 5.1.0-1ubuntu0.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22817
https://github.com/advisories/GHSA-8vj2-vxx3-667w
https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22817
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#restrict-builtins-available-to-imagemath-eval
https://ubuntu.com/security/notices/USN-5227-1
https://ubuntu.com/security/notices/USN-5227-2
https://www.debian.org/security/2022/dsa-5053
| | python3-pil | CVE-2021-23437 | LOW | 5.1.0-1ubuntu0.6 | 5.1.0-1ubuntu0.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23437
https://github.com/advisories/GHSA-98vv-pw6r-q6q4
https://github.com/python-pillow/Pillow/commit/9e08eb8f78fdfd2f476e1b20b7cf38683754866b
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNSG6VFXTAROGF7ACYLMAZNQV4EJ6I2C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VKRCL7KKAKOXCVD7M6WC5OKFGL4L3SJT/
https://nvd.nist.gov/vuln/detail/CVE-2021-23437
https://pillow.readthedocs.io/en/stable/releasenotes/8.3.2.html
https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1319443
https://ubuntu.com/security/notices/USN-5227-1
https://ubuntu.com/security/notices/USN-5227-2
| | python3-pil | CVE-2021-34552 | LOW | 5.1.0-1ubuntu0.6 | 5.1.0-1ubuntu0.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34552
https://github.com/advisories/GHSA-7534-mm45-c74v
https://lists.debian.org/debian-lts-announce/2021/07/msg00018.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V6LCG525ARIX6LX5QRYNAWVDD2MD2SV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VUGBBT63VL7G4JNOEIPDJIOC34ZFBKNJ/
https://nvd.nist.gov/vuln/detail/CVE-2021-34552
https://pillow.readthedocs.io/en/stable/releasenotes/8.3.0.html#buffer-overflow
https://pillow.readthedocs.io/en/stable/releasenotes/index.html
https://ubuntu.com/security/notices/USN-5227-1
https://ubuntu.com/security/notices/USN-5227-2
| | python3-pil | CVE-2022-22816 | LOW | 5.1.0-1ubuntu0.6 | 5.1.0-1ubuntu0.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22816
https://github.com/advisories/GHSA-xrcv-f9gm-v42c
https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1dae44c8499f3/src/path.c#L331
https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22816
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling
https://ubuntu.com/security/notices/USN-5227-1
https://ubuntu.com/security/notices/USN-5227-2
https://www.debian.org/security/2022/dsa-5053
| | python3.6 | CVE-2021-3733 | MEDIUM | 3.6.9-1~18.04ubuntu1.4 | 3.6.9-1~18.04ubuntu1.6 |
Expand...https://bugs.python.org/issue43075
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3733
https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-14-final
https://docs.python.org/3.7/whatsnew/changelog.html#python-3-7-11-final
https://docs.python.org/3.8/whatsnew/changelog.html#python-3-8-10-final
https://docs.python.org/3.9/whatsnew/changelog.html#python-3-9-5-final
https://github.com/python/cpython/commit/3fbe96123aeb66664fa547a8f6022efa2dc8788f (3.6.14)
https://github.com/python/cpython/commit/7215d1ae25525c92b026166f9d5cac85fb1defe1 (master)
https://github.com/python/cpython/commit/a21d4fbd549ec9685068a113660553d7f80d9b09 (3.9.5)
https://github.com/python/cpython/commit/ada14995870abddc277addf57dd690a2af04c2da (3.7.11)
https://github.com/python/cpython/commit/e7654b6046090914a8323931ed759a94a5f85d60 (3.8.10)
https://github.com/python/cpython/pull/24391
https://linux.oracle.com/cve/CVE-2021-3733.html
https://linux.oracle.com/errata/ELSA-2021-4160.html
https://ubuntu.com/security/notices/USN-5083-1
https://ubuntu.com/security/notices/USN-5199-1
https://ubuntu.com/security/notices/USN-5200-1
| | python3.6 | CVE-2021-3737 | MEDIUM | 3.6.9-1~18.04ubuntu1.4 | 3.6.9-1~18.04ubuntu1.6 |
Expand...https://bugs.python.org/issue44022
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3737
https://github.com/python/cpython/commit/0389426fa4af4dfc8b1d7f3f291932d928392d8b (3.8 branch)
https://github.com/python/cpython/commit/078b146f062d212919d0ba25e34e658a8234aa63 (v3.7.11)
https://github.com/python/cpython/commit/1b6f4e5e13ebd1f957b47f7415b53d0869bdbac6 (v3.6.14
https://github.com/python/cpython/commit/5df4abd6b033a5f1e48945c6988b45e35e76f647 (v3.9.6)
https://github.com/python/cpython/commit/60ba0b68470a584103e28958d91e93a6db37ec92 (v3.10.0b2)
https://github.com/python/cpython/commit/98e5a7975d99b58d511f171816ecdfb13d5cca18 (v3.10.0b3)
https://github.com/python/cpython/commit/ea9327036680acc92d9f89eaf6f6a54d2f8d78d9 (v3.9.6)
https://github.com/python/cpython/commit/f396864ddfe914531b5856d7bf852808ebfc01ae (v3.8.11)
https://github.com/python/cpython/commit/f68d2d69f1da56c2aea1293ecf93ab69a6010ad7 (v3.6.14)
https://github.com/python/cpython/commit/fee96422e6f0056561cf74fef2012cc066c9db86 (v3.7.11)
https://github.com/python/cpython/pull/25916
https://github.com/python/cpython/pull/26503
https://linux.oracle.com/cve/CVE-2021-3737.html
https://linux.oracle.com/errata/ELSA-2021-4160.html
https://ubuntu.com/security/notices/USN-5083-1
https://ubuntu.com/security/notices/USN-5199-1
https://ubuntu.com/security/notices/USN-5200-1
https://ubuntu.com/security/notices/USN-5201-1
| +| python3.6 | CVE-2021-4189 | MEDIUM | 3.6.9-1~18.04ubuntu1.4 | |
Expand...https://bugs.python.org/issue43285
https://bugzilla.redhat.com/show_bug.cgi?id=2036020
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4189
https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e (master)
https://github.com/python/cpython/commit/4134f154ae2f621f25c5d698cc0f1748035a1b88 (v3.6.14)
https://github.com/python/cpython/commit/79373951b3eab585d42e0f0ab83718cbe1d0ee33 (v3.7.11)
https://github.com/python/cpython/commit/7dcb4baa4f0fde3aef5122a8e9f6a41853ec9335 (v3.9.3)
| | python3.6 | CVE-2021-23336 | LOW | 3.6.9-1~18.04ubuntu1.4 | |
Expand...http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-4162.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | python3.6 | CVE-2021-3426 | LOW | 3.6.9-1~18.04ubuntu1.4 | |
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=1935913
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3426
https://github.com/python/cpython/pull/24285
https://github.com/python/cpython/pull/24337
https://linux.oracle.com/cve/CVE-2021-3426.html
https://linux.oracle.com/errata/ELSA-2021-9562.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/
https://python-security.readthedocs.io/vuln/pydoc-getfile.html
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210629-0003/
https://www.oracle.com/security-alerts/cpuoct2021.html
| | python3.6-minimal | CVE-2021-3733 | MEDIUM | 3.6.9-1~18.04ubuntu1.4 | 3.6.9-1~18.04ubuntu1.6 |
Expand...https://bugs.python.org/issue43075
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3733
https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-14-final
https://docs.python.org/3.7/whatsnew/changelog.html#python-3-7-11-final
https://docs.python.org/3.8/whatsnew/changelog.html#python-3-8-10-final
https://docs.python.org/3.9/whatsnew/changelog.html#python-3-9-5-final
https://github.com/python/cpython/commit/3fbe96123aeb66664fa547a8f6022efa2dc8788f (3.6.14)
https://github.com/python/cpython/commit/7215d1ae25525c92b026166f9d5cac85fb1defe1 (master)
https://github.com/python/cpython/commit/a21d4fbd549ec9685068a113660553d7f80d9b09 (3.9.5)
https://github.com/python/cpython/commit/ada14995870abddc277addf57dd690a2af04c2da (3.7.11)
https://github.com/python/cpython/commit/e7654b6046090914a8323931ed759a94a5f85d60 (3.8.10)
https://github.com/python/cpython/pull/24391
https://linux.oracle.com/cve/CVE-2021-3733.html
https://linux.oracle.com/errata/ELSA-2021-4160.html
https://ubuntu.com/security/notices/USN-5083-1
https://ubuntu.com/security/notices/USN-5199-1
https://ubuntu.com/security/notices/USN-5200-1
| | python3.6-minimal | CVE-2021-3737 | MEDIUM | 3.6.9-1~18.04ubuntu1.4 | 3.6.9-1~18.04ubuntu1.6 |
Expand...https://bugs.python.org/issue44022
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3737
https://github.com/python/cpython/commit/0389426fa4af4dfc8b1d7f3f291932d928392d8b (3.8 branch)
https://github.com/python/cpython/commit/078b146f062d212919d0ba25e34e658a8234aa63 (v3.7.11)
https://github.com/python/cpython/commit/1b6f4e5e13ebd1f957b47f7415b53d0869bdbac6 (v3.6.14
https://github.com/python/cpython/commit/5df4abd6b033a5f1e48945c6988b45e35e76f647 (v3.9.6)
https://github.com/python/cpython/commit/60ba0b68470a584103e28958d91e93a6db37ec92 (v3.10.0b2)
https://github.com/python/cpython/commit/98e5a7975d99b58d511f171816ecdfb13d5cca18 (v3.10.0b3)
https://github.com/python/cpython/commit/ea9327036680acc92d9f89eaf6f6a54d2f8d78d9 (v3.9.6)
https://github.com/python/cpython/commit/f396864ddfe914531b5856d7bf852808ebfc01ae (v3.8.11)
https://github.com/python/cpython/commit/f68d2d69f1da56c2aea1293ecf93ab69a6010ad7 (v3.6.14)
https://github.com/python/cpython/commit/fee96422e6f0056561cf74fef2012cc066c9db86 (v3.7.11)
https://github.com/python/cpython/pull/25916
https://github.com/python/cpython/pull/26503
https://linux.oracle.com/cve/CVE-2021-3737.html
https://linux.oracle.com/errata/ELSA-2021-4160.html
https://ubuntu.com/security/notices/USN-5083-1
https://ubuntu.com/security/notices/USN-5199-1
https://ubuntu.com/security/notices/USN-5200-1
https://ubuntu.com/security/notices/USN-5201-1
| +| python3.6-minimal | CVE-2021-4189 | MEDIUM | 3.6.9-1~18.04ubuntu1.4 | |
Expand...https://bugs.python.org/issue43285
https://bugzilla.redhat.com/show_bug.cgi?id=2036020
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4189
https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e (master)
https://github.com/python/cpython/commit/4134f154ae2f621f25c5d698cc0f1748035a1b88 (v3.6.14)
https://github.com/python/cpython/commit/79373951b3eab585d42e0f0ab83718cbe1d0ee33 (v3.7.11)
https://github.com/python/cpython/commit/7dcb4baa4f0fde3aef5122a8e9f6a41853ec9335 (v3.9.3)
| | python3.6-minimal | CVE-2021-23336 | LOW | 3.6.9-1~18.04ubuntu1.4 | |
Expand...http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-4162.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | python3.6-minimal | CVE-2021-3426 | LOW | 3.6.9-1~18.04ubuntu1.4 | |
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=1935913
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3426
https://github.com/python/cpython/pull/24285
https://github.com/python/cpython/pull/24337
https://linux.oracle.com/cve/CVE-2021-3426.html
https://linux.oracle.com/errata/ELSA-2021-9562.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/
https://python-security.readthedocs.io/vuln/pydoc-getfile.html
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210629-0003/
https://www.oracle.com/security-alerts/cpuoct2021.html
| +| util-linux | CVE-2021-37600 | LOW | 2.31.1-0.4ubuntu3.7 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37600
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
| | xdg-user-dirs | CVE-2017-15131 | LOW | 0.17-1ubuntu1 | |
Expand...http://bugs.freedesktop.org/show_bug.cgi?id=102303
https://access.redhat.com/errata/RHSA-2018:0842
https://bugzilla.redhat.com/show_bug.cgi?id=1412762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15131
https://linux.oracle.com/cve/CVE-2017-15131.html
https://linux.oracle.com/errata/ELSA-2018-0842.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| diff --git a/docs/apps/stable/deluge/CHANGELOG.md b/docs/apps/stable/deluge/CHANGELOG.md index 8a563ef7e82..66229b9d677 100644 --- a/docs/apps/stable/deluge/CHANGELOG.md +++ b/docs/apps/stable/deluge/CHANGELOG.md @@ -1,6 +1,15 @@ # Changelog
+ +### [deluge-9.0.37](https://github.com/truecharts/apps/compare/deluge-9.0.36...deluge-9.0.37) (2022-01-31) + +#### Fix + +* rofs false ([#1821](https://github.com/truecharts/apps/issues/1821)) + + + ### [deluge-9.0.36](https://github.com/truecharts/apps/compare/deluge-9.0.35...deluge-9.0.36) (2022-01-25) diff --git a/docs/apps/stable/deluge/helm-values.md b/docs/apps/stable/deluge/helm-values.md index 95265c50d13..c6ce5239520 100644 --- a/docs/apps/stable/deluge/helm-values.md +++ b/docs/apps/stable/deluge/helm-values.md @@ -19,6 +19,7 @@ You will, however, be able to use all values referenced in the common chart here | persistence.varrun.enabled | bool | `true` | | | podSecurityContext.runAsGroup | int | `0` | | | podSecurityContext.runAsUser | int | `0` | | +| securityContext.readOnlyRootFilesystem | bool | `false` | | | securityContext.runAsNonRoot | bool | `false` | | | service.main.ports.main.port | int | `8112` | | | service.main.ports.main.targetPort | int | `8112` | | diff --git a/docs/apps/stable/deluge/security.md b/docs/apps/stable/deluge/security.md index 1551e86ea31..571eb47a571 100644 --- a/docs/apps/stable/deluge/security.md +++ b/docs/apps/stable/deluge/security.md @@ -20,6 +20,7 @@ hide: | Kubernetes Security Check | KSV003 | Default capabilities not dropped | LOW |
Expand... The container should drop all default capabilities and add only those that are needed for its execution.


Container 'RELEASE-NAME-deluge' of Deployment 'RELEASE-NAME-deluge' should add 'ALL' to 'securityContext.capabilities.drop'
|
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
| | Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM |
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.


Container 'RELEASE-NAME-deluge' of Deployment 'RELEASE-NAME-deluge' should set 'securityContext.runAsNonRoot' to true
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
| | Kubernetes Security Check | KSV012 | Runs as root user | MEDIUM |
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.


Container 'autopermissions' of Deployment 'RELEASE-NAME-deluge' should set 'securityContext.runAsNonRoot' to true
|
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
| +| Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.


Container 'RELEASE-NAME-deluge' of Deployment 'RELEASE-NAME-deluge' should set 'securityContext.readOnlyRootFilesystem' to true
|
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
| | Kubernetes Security Check | KSV014 | Root file system is not read-only | LOW |
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.


Container 'autopermissions' of Deployment 'RELEASE-NAME-deluge' should set 'securityContext.readOnlyRootFilesystem' to true
|
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
| | Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM |
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.


Container 'RELEASE-NAME-deluge' of Deployment 'RELEASE-NAME-deluge' should set 'securityContext.runAsUser' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
| | Kubernetes Security Check | KSV020 | Runs with low user ID | MEDIUM |
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.


Container 'autopermissions' of Deployment 'RELEASE-NAME-deluge' should set 'securityContext.runAsUser' > 10000
|
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
| @@ -78,9 +79,11 @@ hide: | Package | Vulnerability | Severity | Installed Version | Fixed Version | Links | |:----------------|:------------------:|:-----------:|:------------------:|:-------------:|-----------------------------------------| | bash | CVE-2019-18276 | LOW | 4.4.18-2ubuntu1.2 | |
Expand...http://packetstormsecurity.com/files/155498/Bash-5.0-Patch-11-Privilege-Escalation.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18276
https://github.com/bminor/bash/commit/951bdaad7a18cc0dc1036bba86b18b90874d39ff
https://linux.oracle.com/cve/CVE-2019-18276.html
https://linux.oracle.com/errata/ELSA-2021-1679.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.gentoo.org/glsa/202105-34
https://security.netapp.com/advisory/ntap-20200430-0003/
https://www.youtube.com/watch?v=-wGtxJ8opa8
| +| bsdutils | CVE-2021-37600 | LOW | 2.31.1-0.4ubuntu3.7 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37600
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
| | coreutils | CVE-2016-2781 | LOW | 8.28-1ubuntu1 | |
Expand...http://seclists.org/oss-sec/2016/q1/452
http://www.openwall.com/lists/oss-security/2016/02/28/2
http://www.openwall.com/lists/oss-security/2016/02/28/3
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2781
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lore.kernel.org/patchwork/patch/793178/
| | dbus | CVE-2020-35512 | LOW | 1.12.2-1ubuntu1.2 | |
Expand...https://bugs.gentoo.org/755392
https://bugzilla.redhat.com/show_bug.cgi?id=1909101
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35512
https://gitlab.freedesktop.org/dbus/dbus/-/commit/2b7948ef907669e844b52c4fa2268d6e3162a70c (dbus-1.13.18)
https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)
https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)
https://gitlab.freedesktop.org/dbus/dbus/-/issues/305
https://gitlab.freedesktop.org/dbus/dbus/-/issues/305#note_829128
https://security-tracker.debian.org/tracker/CVE-2020-35512
https://ubuntu.com/security/notices/USN-5244-1
| | dirmngr | CVE-2019-13050 | LOW | 2.2.4-1ubuntu1.4 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00039.html
https://access.redhat.com/articles/4264021
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13050
https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f
https://linux.oracle.com/cve/CVE-2019-13050.html
https://linux.oracle.com/errata/ELSA-2020-4490.html
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUK2YRO6QIH64WP2LRA5D4LACTXQPPU4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP4ON34YEXEZDZOXXWV43KVGGO6WZLJ5/
https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html
https://support.f5.com/csp/article/K08654551
https://support.f5.com/csp/article/K08654551?utm_source=f5support&utm_medium=RSS
https://twitter.com/lambdafu/status/1147162583969009664
| +| fdisk | CVE-2021-37600 | LOW | 2.31.1-0.4ubuntu3.7 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37600
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
| | gcc-8-base | CVE-2020-13844 | MEDIUM | 8.4.0-1ubuntu1~18.04 | |
Expand...http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00040.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions
https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8
| | gnupg | CVE-2019-13050 | LOW | 2.2.4-1ubuntu1.4 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00039.html
https://access.redhat.com/articles/4264021
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13050
https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f
https://linux.oracle.com/cve/CVE-2019-13050.html
https://linux.oracle.com/errata/ELSA-2020-4490.html
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUK2YRO6QIH64WP2LRA5D4LACTXQPPU4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP4ON34YEXEZDZOXXWV43KVGGO6WZLJ5/
https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html
https://support.f5.com/csp/article/K08654551
https://support.f5.com/csp/article/K08654551?utm_source=f5support&utm_medium=RSS
https://twitter.com/lambdafu/status/1147162583969009664
| | gnupg-l10n | CVE-2019-13050 | LOW | 2.2.4-1ubuntu1.4 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00039.html
https://access.redhat.com/articles/4264021
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13050
https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f
https://linux.oracle.com/cve/CVE-2019-13050.html
https://linux.oracle.com/errata/ELSA-2020-4490.html
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AUK2YRO6QIH64WP2LRA5D4LACTXQPPU4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CP4ON34YEXEZDZOXXWV43KVGGO6WZLJ5/
https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html
https://support.f5.com/csp/article/K08654551
https://support.f5.com/csp/article/K08654551?utm_source=f5support&utm_medium=RSS
https://twitter.com/lambdafu/status/1147162583969009664
| @@ -99,8 +102,8 @@ hide: | libapparmor1 | CVE-2016-1585 | MEDIUM | 2.12-4ubuntu5.1 | |
Expand...https://bugs.launchpad.net/apparmor/+bug/1597017
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1585
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libasn1-8-heimdal | CVE-2019-12098 | LOW | 7.5.0+dfsg-1 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00026.html
http://www.h5l.org/pipermail/heimdal-announce/2019-May/000009.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12098
https://github.com/heimdal/heimdal/commit/2f7f3d9960aa6ea21358bdf3687cee5149aa35cf
https://github.com/heimdal/heimdal/compare/3e58559...bbafe72
https://github.com/heimdal/heimdal/releases/tag/heimdal-7.6.0
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GIXEDVVMPD6ZAJSMI2EZ7FNEIVNWE5PD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SLXXIF4LOQEAEDAF4UGP2AO6WDNTDFUB/
https://seclists.org/bugtraq/2019/Jun/1
https://www.debian.org/security/2019/dsa-4455
| | libasn1-8-heimdal | CVE-2021-3671 | LOW | 7.5.0+dfsg-1 | |
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| +| libblkid1 | CVE-2021-37600 | LOW | 2.31.1-0.4ubuntu3.7 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37600
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
| | libc-bin | CVE-2021-38604 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38604
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP/
https://security.netapp.com/advisory/ntap-20210909-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28213
https://sourceware.org/git/?p=glibc.git;a=commit;h=4cc79c217744743077bf7a0ec5e0a4318f1e6641
https://sourceware.org/git/?p=glibc.git;a=commit;h=b805aebd42364fe696e417808a700fdb9800c9e8
| -| libc-bin | CVE-2021-3998 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3998
https://www.openwall.com/lists/oss-security/2022/01/24/4
| | libc-bin | CVE-2021-3999 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999
https://www.openwall.com/lists/oss-security/2022/01/24/4
| | libc-bin | CVE-2022-23218 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218
https://sourceware.org/bugzilla/show_bug.cgi?id=28768
| | libc-bin | CVE-2022-23219 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219
https://sourceware.org/bugzilla/show_bug.cgi?id=22542
| @@ -110,12 +113,12 @@ hide: | libc-bin | CVE-2016-10739 | LOW | 2.27-3ubuntu1.4 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00082.html
http://www.securityfocus.com/bid/106672
https://access.redhat.com/errata/RHSA-2019:2118
https://access.redhat.com/errata/RHSA-2019:3513
https://bugzilla.redhat.com/show_bug.cgi?id=1347549
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10739
https://linux.oracle.com/cve/CVE-2016-10739.html
https://linux.oracle.com/errata/ELSA-2019-3513.html
https://sourceware.org/bugzilla/show_bug.cgi?id=20018
| | libc-bin | CVE-2019-25013 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013
https://linux.oracle.com/cve/CVE-2019-25013.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.netapp.com/advisory/ntap-20210205-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=24973
https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b
| | libc-bin | CVE-2020-27618 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618
https://linux.oracle.com/cve/CVE-2020-27618.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.netapp.com/advisory/ntap-20210401-0006/
https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
https://sourceware.org/bugzilla/show_bug.cgi?id=26224
| +| libc-bin | CVE-2020-29562 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29562
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.gentoo.org/glsa/202101-20
https://security.netapp.com/advisory/ntap-20210122-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=26923
https://sourceware.org/pipermail/libc-alpha/2020-November/119822.html
| | libc-bin | CVE-2020-6096 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/
https://security.gentoo.org/glsa/202101-20
https://sourceware.org/bugzilla/attachment.cgi?id=12334
https://sourceware.org/bugzilla/show_bug.cgi?id=25620
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019
https://ubuntu.com/security/notices/USN-4954-1
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019
| | libc-bin | CVE-2021-3326 | LOW | 2.27-3ubuntu1.4 | |
Expand...http://www.openwall.com/lists/oss-security/2021/01/28/2
https://bugs.chromium.org/p/project-zero/issues/detail?id=2146
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326
https://linux.oracle.com/cve/CVE-2021-3326.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.netapp.com/advisory/ntap-20210304-0007/
https://sourceware.org/bugzilla/show_bug.cgi?id=27256
https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888
https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html
| -| libc-bin | CVE-2021-33574 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574
https://linux.oracle.com/cve/CVE-2021-33574.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210629-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=27896
https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1
| +| libc-bin | CVE-2021-33574 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574
https://linux.oracle.com/cve/CVE-2021-33574.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210629-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=27896
https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1
| | libc-bin | CVE-2021-35942 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942
https://linux.oracle.com/cve/CVE-2021-35942.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://security.netapp.com/advisory/ntap-20210827-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28011
https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/glibc/wiki/Security%20Exceptions
| | libc6 | CVE-2021-38604 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38604
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP/
https://security.netapp.com/advisory/ntap-20210909-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28213
https://sourceware.org/git/?p=glibc.git;a=commit;h=4cc79c217744743077bf7a0ec5e0a4318f1e6641
https://sourceware.org/git/?p=glibc.git;a=commit;h=b805aebd42364fe696e417808a700fdb9800c9e8
| -| libc6 | CVE-2021-3998 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3998
https://www.openwall.com/lists/oss-security/2022/01/24/4
| | libc6 | CVE-2021-3999 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999
https://www.openwall.com/lists/oss-security/2022/01/24/4
| | libc6 | CVE-2022-23218 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218
https://sourceware.org/bugzilla/show_bug.cgi?id=28768
| | libc6 | CVE-2022-23219 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219
https://sourceware.org/bugzilla/show_bug.cgi?id=22542
| @@ -125,12 +128,15 @@ hide: | libc6 | CVE-2016-10739 | LOW | 2.27-3ubuntu1.4 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00082.html
http://www.securityfocus.com/bid/106672
https://access.redhat.com/errata/RHSA-2019:2118
https://access.redhat.com/errata/RHSA-2019:3513
https://bugzilla.redhat.com/show_bug.cgi?id=1347549
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10739
https://linux.oracle.com/cve/CVE-2016-10739.html
https://linux.oracle.com/errata/ELSA-2019-3513.html
https://sourceware.org/bugzilla/show_bug.cgi?id=20018
| | libc6 | CVE-2019-25013 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013
https://linux.oracle.com/cve/CVE-2019-25013.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.netapp.com/advisory/ntap-20210205-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=24973
https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b
| | libc6 | CVE-2020-27618 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618
https://linux.oracle.com/cve/CVE-2020-27618.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.netapp.com/advisory/ntap-20210401-0006/
https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
https://sourceware.org/bugzilla/show_bug.cgi?id=26224
| +| libc6 | CVE-2020-29562 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29562
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.gentoo.org/glsa/202101-20
https://security.netapp.com/advisory/ntap-20210122-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=26923
https://sourceware.org/pipermail/libc-alpha/2020-November/119822.html
| | libc6 | CVE-2020-6096 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/
https://security.gentoo.org/glsa/202101-20
https://sourceware.org/bugzilla/attachment.cgi?id=12334
https://sourceware.org/bugzilla/show_bug.cgi?id=25620
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019
https://ubuntu.com/security/notices/USN-4954-1
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019
| | libc6 | CVE-2021-3326 | LOW | 2.27-3ubuntu1.4 | |
Expand...http://www.openwall.com/lists/oss-security/2021/01/28/2
https://bugs.chromium.org/p/project-zero/issues/detail?id=2146
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326
https://linux.oracle.com/cve/CVE-2021-3326.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.netapp.com/advisory/ntap-20210304-0007/
https://sourceware.org/bugzilla/show_bug.cgi?id=27256
https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888
https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html
| -| libc6 | CVE-2021-33574 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574
https://linux.oracle.com/cve/CVE-2021-33574.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210629-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=27896
https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1
| +| libc6 | CVE-2021-33574 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574
https://linux.oracle.com/cve/CVE-2021-33574.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210629-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=27896
https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1
| | libc6 | CVE-2021-35942 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942
https://linux.oracle.com/cve/CVE-2021-35942.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://security.netapp.com/advisory/ntap-20210827-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28011
https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/glibc/wiki/Security%20Exceptions
| | libdbus-1-3 | CVE-2020-35512 | LOW | 1.12.2-1ubuntu1.2 | |
Expand...https://bugs.gentoo.org/755392
https://bugzilla.redhat.com/show_bug.cgi?id=1909101
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35512
https://gitlab.freedesktop.org/dbus/dbus/-/commit/2b7948ef907669e844b52c4fa2268d6e3162a70c (dbus-1.13.18)
https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)
https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)
https://gitlab.freedesktop.org/dbus/dbus/-/issues/305
https://gitlab.freedesktop.org/dbus/dbus/-/issues/305#note_829128
https://security-tracker.debian.org/tracker/CVE-2020-35512
https://ubuntu.com/security/notices/USN-5244-1
| | libexpat1 | CVE-2022-23852 | MEDIUM | 2.2.5-3ubuntu0.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23852
https://github.com/libexpat/libexpat/pull/550
| +| libexpat1 | CVE-2022-23990 | MEDIUM | 2.2.5-3ubuntu0.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23990
https://github.com/libexpat/libexpat/pull/551
| +| libfdisk1 | CVE-2021-37600 | LOW | 2.31.1-0.4ubuntu3.7 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37600
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
| | libgcc1 | CVE-2020-13844 | MEDIUM | 8.4.0-1ubuntu1~18.04 | |
Expand...http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00040.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions
https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8
| | libglib2.0-0 | CVE-2021-3800 | MEDIUM | 2.56.4-0ubuntu0.18.04.8 | 2.56.4-0ubuntu0.18.04.9 |
Expand...https://access.redhat.com/security/cve/CVE-2021-3800
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3800
https://linux.oracle.com/cve/CVE-2021-3800.html
https://linux.oracle.com/errata/ELSA-2021-4385.html
https://ubuntu.com/security/notices/USN-5189-1
https://www.openwall.com/lists/oss-security/2017/06/23/8
| | libglib2.0-data | CVE-2021-3800 | MEDIUM | 2.56.4-0ubuntu0.18.04.8 | 2.56.4-0ubuntu0.18.04.9 |
Expand...https://access.redhat.com/security/cve/CVE-2021-3800
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3800
https://linux.oracle.com/cve/CVE-2021-3800.html
https://linux.oracle.com/errata/ELSA-2021-4385.html
https://ubuntu.com/security/notices/USN-5189-1
https://www.openwall.com/lists/oss-security/2017/06/23/8
| @@ -166,6 +172,7 @@ hide: | libkrb5support0 | CVE-2021-36222 | MEDIUM | 1.16-2ubuntu0.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36222
https://github.com/krb5/krb5/commit/fc98f520caefff2e5ee9a0026fdf5109944b3562
https://github.com/krb5/krb5/releases
https://linux.oracle.com/cve/CVE-2021-36222.html
https://linux.oracle.com/errata/ELSA-2021-3576.html
https://security.netapp.com/advisory/ntap-20211022-0003/
https://security.netapp.com/advisory/ntap-20211104-0007/
https://web.mit.edu/kerberos/advisories/
https://www.debian.org/security/2021/dsa-4944
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libkrb5support0 | CVE-2018-5709 | LOW | 1.16-2ubuntu0.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libkrb5support0 | CVE-2018-5710 | LOW | 1.16-2ubuntu0.2 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5710
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Denial%20Of%20Service(DoS)
| +| libmount1 | CVE-2021-37600 | LOW | 2.31.1-0.4ubuntu3.7 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37600
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
| | libncurses5 | CVE-2019-17594 | LOW | 6.1-1ubuntu1.18.04 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17594
https://linux.oracle.com/cve/CVE-2019-17594.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00017.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28
| | libncurses5 | CVE-2019-17595 | LOW | 6.1-1ubuntu1.18.04 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595
https://linux.oracle.com/cve/CVE-2019-17595.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28
| | libncursesw5 | CVE-2019-17594 | LOW | 6.1-1ubuntu1.18.04 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17594
https://linux.oracle.com/cve/CVE-2019-17594.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00017.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28
| @@ -178,17 +185,25 @@ hide: | libpng16-16 | CVE-2018-14048 | LOW | 1.6.34-1ubuntu0.18.04.2 | |
Expand...http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14048
https://github.com/fouzhe/security/tree/master/libpng
https://github.com/glennrp/libpng/issues/238
https://seclists.org/bugtraq/2019/Apr/30
https://security.gentoo.org/glsa/201908-02
| | libpython3.6-minimal | CVE-2021-3733 | MEDIUM | 3.6.9-1~18.04ubuntu1.4 | 3.6.9-1~18.04ubuntu1.6 |
Expand...https://bugs.python.org/issue43075
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3733
https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-14-final
https://docs.python.org/3.7/whatsnew/changelog.html#python-3-7-11-final
https://docs.python.org/3.8/whatsnew/changelog.html#python-3-8-10-final
https://docs.python.org/3.9/whatsnew/changelog.html#python-3-9-5-final
https://github.com/python/cpython/commit/3fbe96123aeb66664fa547a8f6022efa2dc8788f (3.6.14)
https://github.com/python/cpython/commit/7215d1ae25525c92b026166f9d5cac85fb1defe1 (master)
https://github.com/python/cpython/commit/a21d4fbd549ec9685068a113660553d7f80d9b09 (3.9.5)
https://github.com/python/cpython/commit/ada14995870abddc277addf57dd690a2af04c2da (3.7.11)
https://github.com/python/cpython/commit/e7654b6046090914a8323931ed759a94a5f85d60 (3.8.10)
https://github.com/python/cpython/pull/24391
https://linux.oracle.com/cve/CVE-2021-3733.html
https://linux.oracle.com/errata/ELSA-2021-4160.html
https://ubuntu.com/security/notices/USN-5083-1
https://ubuntu.com/security/notices/USN-5199-1
https://ubuntu.com/security/notices/USN-5200-1
| | libpython3.6-minimal | CVE-2021-3737 | MEDIUM | 3.6.9-1~18.04ubuntu1.4 | 3.6.9-1~18.04ubuntu1.6 |
Expand...https://bugs.python.org/issue44022
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3737
https://github.com/python/cpython/commit/0389426fa4af4dfc8b1d7f3f291932d928392d8b (3.8 branch)
https://github.com/python/cpython/commit/078b146f062d212919d0ba25e34e658a8234aa63 (v3.7.11)
https://github.com/python/cpython/commit/1b6f4e5e13ebd1f957b47f7415b53d0869bdbac6 (v3.6.14
https://github.com/python/cpython/commit/5df4abd6b033a5f1e48945c6988b45e35e76f647 (v3.9.6)
https://github.com/python/cpython/commit/60ba0b68470a584103e28958d91e93a6db37ec92 (v3.10.0b2)
https://github.com/python/cpython/commit/98e5a7975d99b58d511f171816ecdfb13d5cca18 (v3.10.0b3)
https://github.com/python/cpython/commit/ea9327036680acc92d9f89eaf6f6a54d2f8d78d9 (v3.9.6)
https://github.com/python/cpython/commit/f396864ddfe914531b5856d7bf852808ebfc01ae (v3.8.11)
https://github.com/python/cpython/commit/f68d2d69f1da56c2aea1293ecf93ab69a6010ad7 (v3.6.14)
https://github.com/python/cpython/commit/fee96422e6f0056561cf74fef2012cc066c9db86 (v3.7.11)
https://github.com/python/cpython/pull/25916
https://github.com/python/cpython/pull/26503
https://linux.oracle.com/cve/CVE-2021-3737.html
https://linux.oracle.com/errata/ELSA-2021-4160.html
https://ubuntu.com/security/notices/USN-5083-1
https://ubuntu.com/security/notices/USN-5199-1
https://ubuntu.com/security/notices/USN-5200-1
https://ubuntu.com/security/notices/USN-5201-1
| +| libpython3.6-minimal | CVE-2021-4189 | MEDIUM | 3.6.9-1~18.04ubuntu1.4 | |
Expand...https://bugs.python.org/issue43285
https://bugzilla.redhat.com/show_bug.cgi?id=2036020
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4189
https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e (master)
https://github.com/python/cpython/commit/4134f154ae2f621f25c5d698cc0f1748035a1b88 (v3.6.14)
https://github.com/python/cpython/commit/79373951b3eab585d42e0f0ab83718cbe1d0ee33 (v3.7.11)
https://github.com/python/cpython/commit/7dcb4baa4f0fde3aef5122a8e9f6a41853ec9335 (v3.9.3)
| | libpython3.6-minimal | CVE-2021-23336 | LOW | 3.6.9-1~18.04ubuntu1.4 | |
Expand...http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-4162.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libpython3.6-minimal | CVE-2021-3426 | LOW | 3.6.9-1~18.04ubuntu1.4 | |
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=1935913
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3426
https://github.com/python/cpython/pull/24285
https://github.com/python/cpython/pull/24337
https://linux.oracle.com/cve/CVE-2021-3426.html
https://linux.oracle.com/errata/ELSA-2021-9562.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/
https://python-security.readthedocs.io/vuln/pydoc-getfile.html
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210629-0003/
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libpython3.6-stdlib | CVE-2021-3733 | MEDIUM | 3.6.9-1~18.04ubuntu1.4 | 3.6.9-1~18.04ubuntu1.6 |
Expand...https://bugs.python.org/issue43075
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3733
https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-14-final
https://docs.python.org/3.7/whatsnew/changelog.html#python-3-7-11-final
https://docs.python.org/3.8/whatsnew/changelog.html#python-3-8-10-final
https://docs.python.org/3.9/whatsnew/changelog.html#python-3-9-5-final
https://github.com/python/cpython/commit/3fbe96123aeb66664fa547a8f6022efa2dc8788f (3.6.14)
https://github.com/python/cpython/commit/7215d1ae25525c92b026166f9d5cac85fb1defe1 (master)
https://github.com/python/cpython/commit/a21d4fbd549ec9685068a113660553d7f80d9b09 (3.9.5)
https://github.com/python/cpython/commit/ada14995870abddc277addf57dd690a2af04c2da (3.7.11)
https://github.com/python/cpython/commit/e7654b6046090914a8323931ed759a94a5f85d60 (3.8.10)
https://github.com/python/cpython/pull/24391
https://linux.oracle.com/cve/CVE-2021-3733.html
https://linux.oracle.com/errata/ELSA-2021-4160.html
https://ubuntu.com/security/notices/USN-5083-1
https://ubuntu.com/security/notices/USN-5199-1
https://ubuntu.com/security/notices/USN-5200-1
| | libpython3.6-stdlib | CVE-2021-3737 | MEDIUM | 3.6.9-1~18.04ubuntu1.4 | 3.6.9-1~18.04ubuntu1.6 |
Expand...https://bugs.python.org/issue44022
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3737
https://github.com/python/cpython/commit/0389426fa4af4dfc8b1d7f3f291932d928392d8b (3.8 branch)
https://github.com/python/cpython/commit/078b146f062d212919d0ba25e34e658a8234aa63 (v3.7.11)
https://github.com/python/cpython/commit/1b6f4e5e13ebd1f957b47f7415b53d0869bdbac6 (v3.6.14
https://github.com/python/cpython/commit/5df4abd6b033a5f1e48945c6988b45e35e76f647 (v3.9.6)
https://github.com/python/cpython/commit/60ba0b68470a584103e28958d91e93a6db37ec92 (v3.10.0b2)
https://github.com/python/cpython/commit/98e5a7975d99b58d511f171816ecdfb13d5cca18 (v3.10.0b3)
https://github.com/python/cpython/commit/ea9327036680acc92d9f89eaf6f6a54d2f8d78d9 (v3.9.6)
https://github.com/python/cpython/commit/f396864ddfe914531b5856d7bf852808ebfc01ae (v3.8.11)
https://github.com/python/cpython/commit/f68d2d69f1da56c2aea1293ecf93ab69a6010ad7 (v3.6.14)
https://github.com/python/cpython/commit/fee96422e6f0056561cf74fef2012cc066c9db86 (v3.7.11)
https://github.com/python/cpython/pull/25916
https://github.com/python/cpython/pull/26503
https://linux.oracle.com/cve/CVE-2021-3737.html
https://linux.oracle.com/errata/ELSA-2021-4160.html
https://ubuntu.com/security/notices/USN-5083-1
https://ubuntu.com/security/notices/USN-5199-1
https://ubuntu.com/security/notices/USN-5200-1
https://ubuntu.com/security/notices/USN-5201-1
| +| libpython3.6-stdlib | CVE-2021-4189 | MEDIUM | 3.6.9-1~18.04ubuntu1.4 | |
Expand...https://bugs.python.org/issue43285
https://bugzilla.redhat.com/show_bug.cgi?id=2036020
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4189
https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e (master)
https://github.com/python/cpython/commit/4134f154ae2f621f25c5d698cc0f1748035a1b88 (v3.6.14)
https://github.com/python/cpython/commit/79373951b3eab585d42e0f0ab83718cbe1d0ee33 (v3.7.11)
https://github.com/python/cpython/commit/7dcb4baa4f0fde3aef5122a8e9f6a41853ec9335 (v3.9.3)
| | libpython3.6-stdlib | CVE-2021-23336 | LOW | 3.6.9-1~18.04ubuntu1.4 | |
Expand...http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-4162.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libpython3.6-stdlib | CVE-2021-3426 | LOW | 3.6.9-1~18.04ubuntu1.4 | |
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=1935913
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3426
https://github.com/python/cpython/pull/24285
https://github.com/python/cpython/pull/24337
https://linux.oracle.com/cve/CVE-2021-3426.html
https://linux.oracle.com/errata/ELSA-2021-9562.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/
https://python-security.readthedocs.io/vuln/pydoc-getfile.html
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210629-0003/
https://www.oracle.com/security-alerts/cpuoct2021.html
| | libroken18-heimdal | CVE-2019-12098 | LOW | 7.5.0+dfsg-1 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00026.html
http://www.h5l.org/pipermail/heimdal-announce/2019-May/000009.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12098
https://github.com/heimdal/heimdal/commit/2f7f3d9960aa6ea21358bdf3687cee5149aa35cf
https://github.com/heimdal/heimdal/compare/3e58559...bbafe72
https://github.com/heimdal/heimdal/releases/tag/heimdal-7.6.0
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GIXEDVVMPD6ZAJSMI2EZ7FNEIVNWE5PD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SLXXIF4LOQEAEDAF4UGP2AO6WDNTDFUB/
https://seclists.org/bugtraq/2019/Jun/1
https://www.debian.org/security/2019/dsa-4455
| | libroken18-heimdal | CVE-2021-3671 | LOW | 7.5.0+dfsg-1 | |
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| +| libsepol1 | CVE-2021-36084 | LOW | 2.7-1 | |
Expand...https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36084
https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml
https://linux.oracle.com/cve/CVE-2021-36084.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
| +| libsepol1 | CVE-2021-36085 | LOW | 2.7-1 | |
Expand...https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36085
https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml
https://linux.oracle.com/cve/CVE-2021-36085.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
| +| libsepol1 | CVE-2021-36086 | LOW | 2.7-1 | |
Expand...https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36086
https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml
https://linux.oracle.com/cve/CVE-2021-36086.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
| +| libsepol1 | CVE-2021-36087 | LOW | 2.7-1 | |
Expand...https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36087
https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml
https://linux.oracle.com/cve/CVE-2021-36087.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/
| +| libsmartcols1 | CVE-2021-37600 | LOW | 2.31.1-0.4ubuntu3.7 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37600
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
| | libsqlite3-0 | CVE-2020-9794 | MEDIUM | 3.22.0-1ubuntu0.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9794
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/HT211168
https://support.apple.com/HT211170
https://support.apple.com/HT211171
https://support.apple.com/HT211175
https://support.apple.com/HT211178
https://support.apple.com/HT211179
https://support.apple.com/HT211181
https://vuldb.com/?id.155768
| | libsqlite3-0 | CVE-2020-9849 | LOW | 3.22.0-1ubuntu0.4 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9849
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/en-us/HT211935
https://support.apple.com/en-us/HT211952
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9849/
| | libsqlite3-0 | CVE-2020-9991 | LOW | 3.22.0-1ubuntu0.4 | |
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9991
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/en-us/HT211843
https://support.apple.com/en-us/HT211844
https://support.apple.com/en-us/HT211847
https://support.apple.com/en-us/HT211850
https://support.apple.com/en-us/HT211931
https://support.apple.com/kb/HT211846
https://www.rapid7.com/db/vulnerabilities/apple-osx-sqlite-cve-2020-9991/
| +| libsqlite3-0 | CVE-2021-36690 | LOW | 3.22.0-1ubuntu0.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36690
https://www.sqlite.org/forum/forumpost/718c0a8d17
| | libstdc++6 | CVE-2020-13844 | MEDIUM | 8.4.0-1ubuntu1~18.04 | |
Expand...http://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00039.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00040.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13844
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/downloads/straight-line-speculation
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/frequently-asked-questions
https://gcc.gnu.org/pipermail/gcc-patches/2020-June/547520.html
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=679db70801da9fda91d26caf13bf5b5ccc74e8e8
| | libtasn1-6 | CVE-2018-1000654 | LOW | 4.13-2 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html
http://www.securityfocus.com/bid/105151
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654
https://gitlab.com/gnutls/libtasn1/issues/4
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| | libtiff5 | CVE-2018-10126 | LOW | 4.0.9-5ubuntu0.4 | |
Expand...http://bugzilla.maptools.org/show_bug.cgi?id=2786
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10126
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| @@ -196,10 +211,10 @@ hide: | libtiff5 | CVE-2020-19144 | LOW | 4.0.9-5ubuntu0.4 | |
Expand...http://bugzilla.maptools.org/show_bug.cgi?id=2852
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-19144
https://gitlab.com/libtiff/libtiff/-/issues/159
https://lists.debian.org/debian-lts-announce/2021/10/msg00004.html
https://security.netapp.com/advisory/ntap-20211004-0005/
| | libtinfo5 | CVE-2019-17594 | LOW | 6.1-1ubuntu1.18.04 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17594
https://linux.oracle.com/cve/CVE-2019-17594.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00017.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28
| | libtinfo5 | CVE-2019-17595 | LOW | 6.1-1ubuntu1.18.04 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595
https://linux.oracle.com/cve/CVE-2019-17595.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28
| +| libuuid1 | CVE-2021-37600 | LOW | 2.31.1-0.4ubuntu3.7 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37600
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
| | libwind0-heimdal | CVE-2019-12098 | LOW | 7.5.0+dfsg-1 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00026.html
http://www.h5l.org/pipermail/heimdal-announce/2019-May/000009.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12098
https://github.com/heimdal/heimdal/commit/2f7f3d9960aa6ea21358bdf3687cee5149aa35cf
https://github.com/heimdal/heimdal/compare/3e58559...bbafe72
https://github.com/heimdal/heimdal/releases/tag/heimdal-7.6.0
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GIXEDVVMPD6ZAJSMI2EZ7FNEIVNWE5PD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SLXXIF4LOQEAEDAF4UGP2AO6WDNTDFUB/
https://seclists.org/bugtraq/2019/Jun/1
https://www.debian.org/security/2019/dsa-4455
| | libwind0-heimdal | CVE-2021-3671 | LOW | 7.5.0+dfsg-1 | |
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=2013080,
https://bugzilla.samba.org/show_bug.cgi?id=14770,
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3671
https://github.com/heimdal/heimdal/commit/04171147948d0a3636bc6374181926f0fb2ec83a
https://ubuntu.com/security/notices/USN-5142-1
https://ubuntu.com/security/notices/USN-5174-1
| | locales | CVE-2021-38604 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38604
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP/
https://security.netapp.com/advisory/ntap-20210909-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28213
https://sourceware.org/git/?p=glibc.git;a=commit;h=4cc79c217744743077bf7a0ec5e0a4318f1e6641
https://sourceware.org/git/?p=glibc.git;a=commit;h=b805aebd42364fe696e417808a700fdb9800c9e8
| -| locales | CVE-2021-3998 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3998
https://www.openwall.com/lists/oss-security/2022/01/24/4
| | locales | CVE-2021-3999 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999
https://www.openwall.com/lists/oss-security/2022/01/24/4
| | locales | CVE-2022-23218 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218
https://sourceware.org/bugzilla/show_bug.cgi?id=28768
| | locales | CVE-2022-23219 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219
https://sourceware.org/bugzilla/show_bug.cgi?id=22542
| @@ -209,14 +224,15 @@ hide: | locales | CVE-2016-10739 | LOW | 2.27-3ubuntu1.4 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00082.html
http://www.securityfocus.com/bid/106672
https://access.redhat.com/errata/RHSA-2019:2118
https://access.redhat.com/errata/RHSA-2019:3513
https://bugzilla.redhat.com/show_bug.cgi?id=1347549
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10739
https://linux.oracle.com/cve/CVE-2016-10739.html
https://linux.oracle.com/errata/ELSA-2019-3513.html
https://sourceware.org/bugzilla/show_bug.cgi?id=20018
| | locales | CVE-2019-25013 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013
https://linux.oracle.com/cve/CVE-2019-25013.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.netapp.com/advisory/ntap-20210205-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=24973
https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b
| | locales | CVE-2020-27618 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618
https://linux.oracle.com/cve/CVE-2020-27618.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.netapp.com/advisory/ntap-20210401-0006/
https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
https://sourceware.org/bugzilla/show_bug.cgi?id=26224
| +| locales | CVE-2020-29562 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29562
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.gentoo.org/glsa/202101-20
https://security.netapp.com/advisory/ntap-20210122-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=26923
https://sourceware.org/pipermail/libc-alpha/2020-November/119822.html
| | locales | CVE-2020-6096 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/
https://security.gentoo.org/glsa/202101-20
https://sourceware.org/bugzilla/attachment.cgi?id=12334
https://sourceware.org/bugzilla/show_bug.cgi?id=25620
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019
https://ubuntu.com/security/notices/USN-4954-1
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019
| | locales | CVE-2021-3326 | LOW | 2.27-3ubuntu1.4 | |
Expand...http://www.openwall.com/lists/oss-security/2021/01/28/2
https://bugs.chromium.org/p/project-zero/issues/detail?id=2146
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326
https://linux.oracle.com/cve/CVE-2021-3326.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.netapp.com/advisory/ntap-20210304-0007/
https://sourceware.org/bugzilla/show_bug.cgi?id=27256
https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888
https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html
| -| locales | CVE-2021-33574 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574
https://linux.oracle.com/cve/CVE-2021-33574.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210629-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=27896
https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1
| +| locales | CVE-2021-33574 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574
https://linux.oracle.com/cve/CVE-2021-33574.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210629-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=27896
https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1
| | locales | CVE-2021-35942 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942
https://linux.oracle.com/cve/CVE-2021-35942.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://security.netapp.com/advisory/ntap-20210827-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28011
https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/glibc/wiki/Security%20Exceptions
| | login | CVE-2013-4235 | LOW | 1:4.5-1ubuntu2 | |
Expand...https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235
| -| login | CVE-2018-7169 | LOW | 1:4.5-1ubuntu2 | |
Expand...https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169
https://github.com/shadow-maint/shadow/pull/97
https://security.gentoo.org/glsa/201805-09
| +| login | CVE-2018-7169 | LOW | 1:4.5-1ubuntu2 | 1:4.5-1ubuntu2.2 |
Expand...https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169
https://github.com/shadow-maint/shadow/pull/97
https://security.gentoo.org/glsa/201805-09
https://ubuntu.com/security/notices/USN-5254-1
| +| mount | CVE-2021-37600 | LOW | 2.31.1-0.4ubuntu3.7 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37600
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
| | multiarch-support | CVE-2021-38604 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://blog.tuxcare.com/cve/tuxcare-team-identifies-cve-2021-38604-a-new-vulnerability-in-glibc
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38604
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GYEXYM37RCJWJ6B5KQUYQI4NZBDDYSXP/
https://security.netapp.com/advisory/ntap-20210909-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28213
https://sourceware.org/git/?p=glibc.git;a=commit;h=4cc79c217744743077bf7a0ec5e0a4318f1e6641
https://sourceware.org/git/?p=glibc.git;a=commit;h=b805aebd42364fe696e417808a700fdb9800c9e8
| -| multiarch-support | CVE-2021-3998 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3998
https://www.openwall.com/lists/oss-security/2022/01/24/4
| | multiarch-support | CVE-2021-3999 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3999
https://www.openwall.com/lists/oss-security/2022/01/24/4
| | multiarch-support | CVE-2022-23218 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23218
https://sourceware.org/bugzilla/show_bug.cgi?id=28768
| | multiarch-support | CVE-2022-23219 | MEDIUM | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23219
https://sourceware.org/bugzilla/show_bug.cgi?id=22542
| @@ -226,28 +242,32 @@ hide: | multiarch-support | CVE-2016-10739 | LOW | 2.27-3ubuntu1.4 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00082.html
http://www.securityfocus.com/bid/106672
https://access.redhat.com/errata/RHSA-2019:2118
https://access.redhat.com/errata/RHSA-2019:3513
https://bugzilla.redhat.com/show_bug.cgi?id=1347549
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10739
https://linux.oracle.com/cve/CVE-2016-10739.html
https://linux.oracle.com/errata/ELSA-2019-3513.html
https://sourceware.org/bugzilla/show_bug.cgi?id=20018
| | multiarch-support | CVE-2019-25013 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25013
https://linux.oracle.com/cve/CVE-2019-25013.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://lists.apache.org/thread.html/r32d767ac804e9b8aad4355bb85960a6a1385eab7afff549a5e98660f@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r448bb851cc8e6e3f93f3c28c70032b37062625d81214744474ac49e7@%3Cdev.kafka.apache.org%3E
https://lists.apache.org/thread.html/r4806a391091e082bdea17266452ca656ebc176e51bb3932733b3a0a2@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r499e4f96d0b5109ef083f2feccd33c51650c1b7d7068aa3bd47efca9@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r5af4430421bb6f9973294691a7904bbd260937e9eef96b20556f43ff@%3Cjira.kafka.apache.org%3E
https://lists.apache.org/thread.html/r750eee18542bc02bd8350861c424ee60a9b9b225568fa09436a37ece@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r7a2e94adfe0a2f0a1d42e4927e8c32ecac97d37db9cb68095fe9ddbc@%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd2354f9ccce41e494fbadcbc5ad87218de6ec0fff8a7b54c8462226c@%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.netapp.com/advisory/ntap-20210205-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=24973
https://sourceware.org/git/?p=glibc.git;a=commit;h=ee7a3144c9922808181009b7b3e50e852fb4999b
| | multiarch-support | CVE-2020-27618 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27618
https://linux.oracle.com/cve/CVE-2020-27618.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.netapp.com/advisory/ntap-20210401-0006/
https://sourceware.org/bugzilla/show_bug.cgi?id=19519#c21
https://sourceware.org/bugzilla/show_bug.cgi?id=26224
| +| multiarch-support | CVE-2020-29562 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29562
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TVCUNLQ3HXGS4VPUQKWTJGRAW2KTFGXS/
https://security.gentoo.org/glsa/202101-20
https://security.netapp.com/advisory/ntap-20210122-0004/
https://sourceware.org/bugzilla/show_bug.cgi?id=26923
https://sourceware.org/pipermail/libc-alpha/2020-November/119822.html
| | multiarch-support | CVE-2020-6096 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6096
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPYXTDOOB4PQGTYAMZAZNJIB3FF6YQXI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/URXOIA2LDUKHQXK4BE55BQBRI6ZZG3Y6/
https://security.gentoo.org/glsa/202101-20
https://sourceware.org/bugzilla/attachment.cgi?id=12334
https://sourceware.org/bugzilla/show_bug.cgi?id=25620
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1019
https://ubuntu.com/security/notices/USN-4954-1
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1019
| | multiarch-support | CVE-2021-3326 | LOW | 2.27-3ubuntu1.4 | |
Expand...http://www.openwall.com/lists/oss-security/2021/01/28/2
https://bugs.chromium.org/p/project-zero/issues/detail?id=2146
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3326
https://linux.oracle.com/cve/CVE-2021-3326.html
https://linux.oracle.com/errata/ELSA-2021-9344.html
https://security.netapp.com/advisory/ntap-20210304-0007/
https://sourceware.org/bugzilla/show_bug.cgi?id=27256
https://sourceware.org/git/?p=glibc.git;a=commit;h=7d88c6142c6efc160c0ee5e4f85cde382c072888
https://sourceware.org/pipermail/libc-alpha/2021-January/122058.html
| -| multiarch-support | CVE-2021-33574 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574
https://linux.oracle.com/cve/CVE-2021-33574.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210629-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=27896
https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1
| +| multiarch-support | CVE-2021-33574 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574
https://linux.oracle.com/cve/CVE-2021-33574.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJYYIMDDYOHTP2PORLABTOHYQYYREZDD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210629-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=27896
https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1
| | multiarch-support | CVE-2021-35942 | LOW | 2.27-3ubuntu1.4 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942
https://linux.oracle.com/cve/CVE-2021-35942.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://security.netapp.com/advisory/ntap-20210827-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28011
https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/glibc/wiki/Security%20Exceptions
| | ncurses-base | CVE-2019-17594 | LOW | 6.1-1ubuntu1.18.04 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17594
https://linux.oracle.com/cve/CVE-2019-17594.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00017.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28
| | ncurses-base | CVE-2019-17595 | LOW | 6.1-1ubuntu1.18.04 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595
https://linux.oracle.com/cve/CVE-2019-17595.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28
| | ncurses-bin | CVE-2019-17594 | LOW | 6.1-1ubuntu1.18.04 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17594
https://linux.oracle.com/cve/CVE-2019-17594.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00017.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28
| | ncurses-bin | CVE-2019-17595 | LOW | 6.1-1ubuntu1.18.04 | |
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595
https://linux.oracle.com/cve/CVE-2019-17595.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28
| | passwd | CVE-2013-4235 | LOW | 1:4.5-1ubuntu2 | |
Expand...https://access.redhat.com/security/cve/cve-2013-4235
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4235
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4235
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security-tracker.debian.org/tracker/CVE-2013-4235
| -| passwd | CVE-2018-7169 | LOW | 1:4.5-1ubuntu2 | |
Expand...https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169
https://github.com/shadow-maint/shadow/pull/97
https://security.gentoo.org/glsa/201805-09
| +| passwd | CVE-2018-7169 | LOW | 1:4.5-1ubuntu2 | 1:4.5-1ubuntu2.2 |
Expand...https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7169
https://github.com/shadow-maint/shadow/pull/97
https://security.gentoo.org/glsa/201805-09
https://ubuntu.com/security/notices/USN-5254-1
| | perl-base | CVE-2020-16156 | MEDIUM | 5.26.1-6ubuntu0.5 | |
Expand...http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
https://github.com/andk/cpanpm/commit/b27c51adf0fda25dee84cb72cb2b1bf7d832148c
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/
https://metacpan.org/pod/distribution/CPAN/scripts/cpan
| | python3-pil | CVE-2022-22815 | MEDIUM | 5.1.0-1ubuntu0.6 | 5.1.0-1ubuntu0.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22815
https://github.com/advisories/GHSA-pw3c-h7wp-cvhx
https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1dae44c8499f3/src/path.c#L331
https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22815
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling
https://ubuntu.com/security/notices/USN-5227-1
https://ubuntu.com/security/notices/USN-5227-2
https://www.debian.org/security/2022/dsa-5053
| -| python3-pil | CVE-2022-22817 | MEDIUM | 5.1.0-1ubuntu0.6 | 5.1.0-1ubuntu0.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22817
https://github.com/advisories/GHSA-8vj2-vxx3-667w
https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22817
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#restrict-builtins-available-to-imagemath-eval
https://ubuntu.com/security/notices/USN-5227-1
https://ubuntu.com/security/notices/USN-5227-2
https://www.debian.org/security/2022/dsa-5053
| +| python3-pil | CVE-2022-22817 | MEDIUM | 5.1.0-1ubuntu0.6 | 5.1.0-1ubuntu0.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22817
https://github.com/advisories/GHSA-8vj2-vxx3-667w
https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22817
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#restrict-builtins-available-to-imagemath-eval
https://ubuntu.com/security/notices/USN-5227-1
https://ubuntu.com/security/notices/USN-5227-2
https://www.debian.org/security/2022/dsa-5053
| | python3-pil | CVE-2021-23437 | LOW | 5.1.0-1ubuntu0.6 | 5.1.0-1ubuntu0.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23437
https://github.com/advisories/GHSA-98vv-pw6r-q6q4
https://github.com/python-pillow/Pillow/commit/9e08eb8f78fdfd2f476e1b20b7cf38683754866b
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RNSG6VFXTAROGF7ACYLMAZNQV4EJ6I2C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VKRCL7KKAKOXCVD7M6WC5OKFGL4L3SJT/
https://nvd.nist.gov/vuln/detail/CVE-2021-23437
https://pillow.readthedocs.io/en/stable/releasenotes/8.3.2.html
https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1319443
https://ubuntu.com/security/notices/USN-5227-1
https://ubuntu.com/security/notices/USN-5227-2
| | python3-pil | CVE-2021-34552 | LOW | 5.1.0-1ubuntu0.6 | 5.1.0-1ubuntu0.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34552
https://github.com/advisories/GHSA-7534-mm45-c74v
https://lists.debian.org/debian-lts-announce/2021/07/msg00018.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7V6LCG525ARIX6LX5QRYNAWVDD2MD2SV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VUGBBT63VL7G4JNOEIPDJIOC34ZFBKNJ/
https://nvd.nist.gov/vuln/detail/CVE-2021-34552
https://pillow.readthedocs.io/en/stable/releasenotes/8.3.0.html#buffer-overflow
https://pillow.readthedocs.io/en/stable/releasenotes/index.html
https://ubuntu.com/security/notices/USN-5227-1
https://ubuntu.com/security/notices/USN-5227-2
| | python3-pil | CVE-2022-22816 | LOW | 5.1.0-1ubuntu0.6 | 5.1.0-1ubuntu0.7 |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22816
https://github.com/advisories/GHSA-xrcv-f9gm-v42c
https://github.com/python-pillow/Pillow/blob/c5d9223a8b5e9295d15b5a9b1ef1dae44c8499f3/src/path.c#L331
https://lists.debian.org/debian-lts-announce/2022/01/msg00018.html
https://nvd.nist.gov/vuln/detail/CVE-2022-22816
https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling
https://ubuntu.com/security/notices/USN-5227-1
https://ubuntu.com/security/notices/USN-5227-2
https://www.debian.org/security/2022/dsa-5053
| | python3.6 | CVE-2021-3733 | MEDIUM | 3.6.9-1~18.04ubuntu1.4 | 3.6.9-1~18.04ubuntu1.6 |
Expand...https://bugs.python.org/issue43075
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3733
https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-14-final
https://docs.python.org/3.7/whatsnew/changelog.html#python-3-7-11-final
https://docs.python.org/3.8/whatsnew/changelog.html#python-3-8-10-final
https://docs.python.org/3.9/whatsnew/changelog.html#python-3-9-5-final
https://github.com/python/cpython/commit/3fbe96123aeb66664fa547a8f6022efa2dc8788f (3.6.14)
https://github.com/python/cpython/commit/7215d1ae25525c92b026166f9d5cac85fb1defe1 (master)
https://github.com/python/cpython/commit/a21d4fbd549ec9685068a113660553d7f80d9b09 (3.9.5)
https://github.com/python/cpython/commit/ada14995870abddc277addf57dd690a2af04c2da (3.7.11)
https://github.com/python/cpython/commit/e7654b6046090914a8323931ed759a94a5f85d60 (3.8.10)
https://github.com/python/cpython/pull/24391
https://linux.oracle.com/cve/CVE-2021-3733.html
https://linux.oracle.com/errata/ELSA-2021-4160.html
https://ubuntu.com/security/notices/USN-5083-1
https://ubuntu.com/security/notices/USN-5199-1
https://ubuntu.com/security/notices/USN-5200-1
| | python3.6 | CVE-2021-3737 | MEDIUM | 3.6.9-1~18.04ubuntu1.4 | 3.6.9-1~18.04ubuntu1.6 |
Expand...https://bugs.python.org/issue44022
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3737
https://github.com/python/cpython/commit/0389426fa4af4dfc8b1d7f3f291932d928392d8b (3.8 branch)
https://github.com/python/cpython/commit/078b146f062d212919d0ba25e34e658a8234aa63 (v3.7.11)
https://github.com/python/cpython/commit/1b6f4e5e13ebd1f957b47f7415b53d0869bdbac6 (v3.6.14
https://github.com/python/cpython/commit/5df4abd6b033a5f1e48945c6988b45e35e76f647 (v3.9.6)
https://github.com/python/cpython/commit/60ba0b68470a584103e28958d91e93a6db37ec92 (v3.10.0b2)
https://github.com/python/cpython/commit/98e5a7975d99b58d511f171816ecdfb13d5cca18 (v3.10.0b3)
https://github.com/python/cpython/commit/ea9327036680acc92d9f89eaf6f6a54d2f8d78d9 (v3.9.6)
https://github.com/python/cpython/commit/f396864ddfe914531b5856d7bf852808ebfc01ae (v3.8.11)
https://github.com/python/cpython/commit/f68d2d69f1da56c2aea1293ecf93ab69a6010ad7 (v3.6.14)
https://github.com/python/cpython/commit/fee96422e6f0056561cf74fef2012cc066c9db86 (v3.7.11)
https://github.com/python/cpython/pull/25916
https://github.com/python/cpython/pull/26503
https://linux.oracle.com/cve/CVE-2021-3737.html
https://linux.oracle.com/errata/ELSA-2021-4160.html
https://ubuntu.com/security/notices/USN-5083-1
https://ubuntu.com/security/notices/USN-5199-1
https://ubuntu.com/security/notices/USN-5200-1
https://ubuntu.com/security/notices/USN-5201-1
| +| python3.6 | CVE-2021-4189 | MEDIUM | 3.6.9-1~18.04ubuntu1.4 | |
Expand...https://bugs.python.org/issue43285
https://bugzilla.redhat.com/show_bug.cgi?id=2036020
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4189
https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e (master)
https://github.com/python/cpython/commit/4134f154ae2f621f25c5d698cc0f1748035a1b88 (v3.6.14)
https://github.com/python/cpython/commit/79373951b3eab585d42e0f0ab83718cbe1d0ee33 (v3.7.11)
https://github.com/python/cpython/commit/7dcb4baa4f0fde3aef5122a8e9f6a41853ec9335 (v3.9.3)
| | python3.6 | CVE-2021-23336 | LOW | 3.6.9-1~18.04ubuntu1.4 | |
Expand...http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-4162.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | python3.6 | CVE-2021-3426 | LOW | 3.6.9-1~18.04ubuntu1.4 | |
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=1935913
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3426
https://github.com/python/cpython/pull/24285
https://github.com/python/cpython/pull/24337
https://linux.oracle.com/cve/CVE-2021-3426.html
https://linux.oracle.com/errata/ELSA-2021-9562.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/
https://python-security.readthedocs.io/vuln/pydoc-getfile.html
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210629-0003/
https://www.oracle.com/security-alerts/cpuoct2021.html
| | python3.6-minimal | CVE-2021-3733 | MEDIUM | 3.6.9-1~18.04ubuntu1.4 | 3.6.9-1~18.04ubuntu1.6 |
Expand...https://bugs.python.org/issue43075
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3733
https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-14-final
https://docs.python.org/3.7/whatsnew/changelog.html#python-3-7-11-final
https://docs.python.org/3.8/whatsnew/changelog.html#python-3-8-10-final
https://docs.python.org/3.9/whatsnew/changelog.html#python-3-9-5-final
https://github.com/python/cpython/commit/3fbe96123aeb66664fa547a8f6022efa2dc8788f (3.6.14)
https://github.com/python/cpython/commit/7215d1ae25525c92b026166f9d5cac85fb1defe1 (master)
https://github.com/python/cpython/commit/a21d4fbd549ec9685068a113660553d7f80d9b09 (3.9.5)
https://github.com/python/cpython/commit/ada14995870abddc277addf57dd690a2af04c2da (3.7.11)
https://github.com/python/cpython/commit/e7654b6046090914a8323931ed759a94a5f85d60 (3.8.10)
https://github.com/python/cpython/pull/24391
https://linux.oracle.com/cve/CVE-2021-3733.html
https://linux.oracle.com/errata/ELSA-2021-4160.html
https://ubuntu.com/security/notices/USN-5083-1
https://ubuntu.com/security/notices/USN-5199-1
https://ubuntu.com/security/notices/USN-5200-1
| | python3.6-minimal | CVE-2021-3737 | MEDIUM | 3.6.9-1~18.04ubuntu1.4 | 3.6.9-1~18.04ubuntu1.6 |
Expand...https://bugs.python.org/issue44022
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3737
https://github.com/python/cpython/commit/0389426fa4af4dfc8b1d7f3f291932d928392d8b (3.8 branch)
https://github.com/python/cpython/commit/078b146f062d212919d0ba25e34e658a8234aa63 (v3.7.11)
https://github.com/python/cpython/commit/1b6f4e5e13ebd1f957b47f7415b53d0869bdbac6 (v3.6.14
https://github.com/python/cpython/commit/5df4abd6b033a5f1e48945c6988b45e35e76f647 (v3.9.6)
https://github.com/python/cpython/commit/60ba0b68470a584103e28958d91e93a6db37ec92 (v3.10.0b2)
https://github.com/python/cpython/commit/98e5a7975d99b58d511f171816ecdfb13d5cca18 (v3.10.0b3)
https://github.com/python/cpython/commit/ea9327036680acc92d9f89eaf6f6a54d2f8d78d9 (v3.9.6)
https://github.com/python/cpython/commit/f396864ddfe914531b5856d7bf852808ebfc01ae (v3.8.11)
https://github.com/python/cpython/commit/f68d2d69f1da56c2aea1293ecf93ab69a6010ad7 (v3.6.14)
https://github.com/python/cpython/commit/fee96422e6f0056561cf74fef2012cc066c9db86 (v3.7.11)
https://github.com/python/cpython/pull/25916
https://github.com/python/cpython/pull/26503
https://linux.oracle.com/cve/CVE-2021-3737.html
https://linux.oracle.com/errata/ELSA-2021-4160.html
https://ubuntu.com/security/notices/USN-5083-1
https://ubuntu.com/security/notices/USN-5199-1
https://ubuntu.com/security/notices/USN-5200-1
https://ubuntu.com/security/notices/USN-5201-1
| +| python3.6-minimal | CVE-2021-4189 | MEDIUM | 3.6.9-1~18.04ubuntu1.4 | |
Expand...https://bugs.python.org/issue43285
https://bugzilla.redhat.com/show_bug.cgi?id=2036020
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4189
https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e (master)
https://github.com/python/cpython/commit/4134f154ae2f621f25c5d698cc0f1748035a1b88 (v3.6.14)
https://github.com/python/cpython/commit/79373951b3eab585d42e0f0ab83718cbe1d0ee33 (v3.7.11)
https://github.com/python/cpython/commit/7dcb4baa4f0fde3aef5122a8e9f6a41853ec9335 (v3.9.3)
| | python3.6-minimal | CVE-2021-23336 | LOW | 3.6.9-1~18.04ubuntu1.4 | |
Expand...http://www.openwall.com/lists/oss-security/2021/02/19/4
http://www.openwall.com/lists/oss-security/2021/05/01/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
https://github.com/python/cpython/commit/fcbe0cb04d35189401c0c880ebfb4311e952d776 (master)
https://github.com/python/cpython/pull/24297
https://linux.oracle.com/cve/CVE-2021-23336.html
https://linux.oracle.com/errata/ELSA-2021-4162.html
https://lists.apache.org/thread.html/ra8ce70088ba291f358e077cafdb14d174b7a1ce9a9d86d1b332d6367@%3Cusers.airflow.apache.org%3E
https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432@%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210326-0004/
https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/
https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
https://ubuntu.com/security/notices/USN-4742-1
https://www.djangoproject.com/weblog/2021/feb/19/security-releases/
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
| | python3.6-minimal | CVE-2021-3426 | LOW | 3.6.9-1~18.04ubuntu1.4 | |
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=1935913
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3426
https://github.com/python/cpython/pull/24285
https://github.com/python/cpython/pull/24337
https://linux.oracle.com/cve/CVE-2021-3426.html
https://linux.oracle.com/errata/ELSA-2021-9562.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/25HVHLBGO2KNPXJ3G426QEYSSCECJDU5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BF2K7HEWADHN6P52R3QLIOX27U3DJ4HI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DQYPUKLLBOZMKFPO7RD7CENTXHUUEUV7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LM5V4VPLBHBEASSAROYPSHXGXGGPHNOE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNGAFMPIYIVJ47FCF2NK2PIX22HUG35B/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VPX7Y5GQDNB4FJTREWONGC4ZSVH7TGHF/
https://python-security.readthedocs.io/vuln/pydoc-getfile.html
https://security.gentoo.org/glsa/202104-04
https://security.netapp.com/advisory/ntap-20210629-0003/
https://www.oracle.com/security-alerts/cpuoct2021.html
| +| util-linux | CVE-2021-37600 | LOW | 2.31.1-0.4ubuntu3.7 | |
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37600
https://github.com/karelzak/util-linux/commit/1c9143d0c1f979c3daf10e1c37b5b1e916c22a1c
https://github.com/karelzak/util-linux/issues/1395
https://security.netapp.com/advisory/ntap-20210902-0002/
| | xdg-user-dirs | CVE-2017-15131 | LOW | 0.17-1ubuntu1 | |
Expand...http://bugs.freedesktop.org/show_bug.cgi?id=102303
https://access.redhat.com/errata/RHSA-2018:0842
https://bugzilla.redhat.com/show_bug.cgi?id=1412762
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15131
https://linux.oracle.com/cve/CVE-2017-15131.html
https://linux.oracle.com/errata/ELSA-2018-0842.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
| diff --git a/docs/index.yaml b/docs/index.yaml index d05220b1d14..d1400016650 100644 --- a/docs/index.yaml +++ b/docs/index.yaml @@ -7696,6 +7696,38 @@ entries: - https://github.com/truecharts/apps/releases/download/deepstack-gpu-3.0.0/deepstack-gpu-3.0.0.tgz version: 3.0.0 deluge: + - annotations: + truecharts.org/SCALE-support: "true" + truecharts.org/catagories: | + - media + truecharts.org/grade: U + apiVersion: v2 + appVersion: 2.0.3 + created: "2022-01-31T20:58:39.617999923Z" + dependencies: + - name: common + repository: https://truecharts.org + version: 8.14.2 + description: Deluge App for TrueNAS SCALE + digest: 4772407ccc5b73dfcf47acacf713a708e45a3402a6952848a0eba230b501a9d9 + home: https://github.com/truecharts/apps/tree/master/charts/stable/deluge + icon: https://truecharts.org/_static/img/appicons/deluge-icon.png + keywords: + - transmission + - torrent + - usenet + kubeVersion: '>=1.16.0-0' + maintainers: + - email: info@truecharts.org + name: TrueCharts + url: https://truecharts.org + name: deluge + sources: + - https://github.com/deluge-torrent/deluge + type: application + urls: + - https://github.com/truecharts/apps/releases/download/deluge-9.0.37/deluge-9.0.37.tgz + version: 9.0.37 - annotations: truecharts.org/SCALE-support: "true" truecharts.org/catagories: | @@ -47399,40 +47431,6 @@ entries: - https://github.com/truecharts/apps/releases/download/strapi-0.0.1/strapi-0.0.1.tgz version: 0.0.1 synapse: - - annotations: - truecharts.org/SCALE-support: "true" - truecharts.org/catagories: | - - cloud - truecharts.org/grade: U - apiVersion: v2 - appVersion: 1.50.2 - created: "2022-01-31T20:49:41.99284935Z" - dependencies: - - name: common - repository: https://truecharts.org - version: 8.14.2 - - condition: postgresql.enabled - name: postgresql - repository: https://truecharts.org/ - version: 6.0.58 - description: A Helm chart to deploy a Matrix homeserver stack into Kubernetes - digest: b25c30ebcc7951e3cc4935e488581c6f6fb11a6850caed0d168da6708521e438 - home: https://github.com/truecharts/apps/charts/stable/synapse - icon: https://truecharts.org/_static/img/appicons/synapse-icon.png - keywords: - - chat - - matrix - - synapse - kubeVersion: '>=1.16.0-0' - maintainers: - - email: info@truecharts.org - name: TrueCharts - url: https://truecharts.org - name: synapse - type: application - urls: - - https://github.com/truecharts/apps/releases/download/synapse-0.0.14/synapse-0.0.14.tgz - version: 0.0.14 - annotations: truecharts.org/SCALE-support: "true" truecharts.org/catagories: | @@ -54436,4 +54434,4 @@ entries: urls: - https://github.com/truecharts/apps/releases/download/zwavejs2mqtt-9.0.24/zwavejs2mqtt-9.0.24.tgz version: 9.0.24 -generated: "2022-01-31T20:49:41.996367448Z" +generated: "2022-01-31T20:58:39.621880444Z"