---

Log

AVG-2105 created at 26 Jun 2021 12:51:35
Packages	+ puppet
Issues	+ CVE-2021-27021
Status	+ Vulnerable
Severity	+ Unknown
Affected	+ 6.22.1-1
Fixed
Ticket
Advisory qualified	+ Yes
References
Notes

CVE-2021-27021 created at 26 Jun 2021 12:51:35

AVG-2104 edited at 26 Jun 2021 12:48:19
Severity	- Unknown + Low

CVE-2021-34183 edited at 26 Jun 2021 12:48:19
Severity	- Unknown + Low
Remote	- Unknown + Remote
Type	- Unknown + Denial of service
Description	+ ImageMagick 7.0.11-14 has a memory leak in AcquireSemaphoreMemory in semaphore.c and AcquireMagickMemory in memory.c.
References	+ https://github.com/ImageMagick/ImageMagick/issues/3767
Notes

AVG-2104 created at 26 Jun 2021 12:47:07
Packages	+ imagemagick
Issues	+ CVE-2021-34183
Status	+ Vulnerable
Severity	+ Unknown
Affected	+ 7.1.0.2-1
Fixed
Ticket
Advisory qualified	+ Yes
References
Notes

CVE-2021-34183 created at 26 Jun 2021 12:47:07

CVE-2021-31615 edited at 26 Jun 2021 12:46:34
Severity	- Unknown + Low
Remote	- Unknown + Remote
Type	- Unknown + Denial of service
Description	+ Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2 may permit an adjacent device to inject a crafted packet during the receive window of the listening device before the transmitting device initiates its packet transmission to achieve full MITM status without terminating the link. When applied against devices establishing or using encrypted links, crafted packets may be used to terminate an existing link, but will not compromise the confidentiality or integrity of the link.
References	+ https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/injectable/

AVG-1879 edited at 26 Jun 2021 12:45:56
Issues	CVE-2020-26555 CVE-2020-26556 CVE-2020-26557 CVE-2020-26559 CVE-2020-26560 CVE-2021-3542 CVE-2021-3609 CVE-2021-22543 + CVE-2021-31615

CVE-2021-31615 created at 26 Jun 2021 12:45:56
Severity	+ Unknown
Remote	+ Unknown
Type	+ Unknown
Description
References
Notes

AVG-2094 edited at 25 Jun 2021 23:53:31
Status	- Testing + Fixed

AVG-2095 edited at 25 Jun 2021 23:53:31
Status	- Testing + Fixed

AVG-1921 edited at 25 Jun 2021 07:17:06
Advisory qualified	- Yes + No

AVG-2083 edited at 25 Jun 2021 07:16:14
Status	- Vulnerable + Fixed
Fixed	+ 77.0.4054.146-1
Notes	- Opera version 77.0.4054.90 is based on Chromium version 91.0.4472.101 according to the reference. + Opera version 77.0.4054.90 is based on Chromium version 91.0.4472.101, Opera version 77.0.4054.146 is based on Chromium version 91.0.4472.114 according to the reference.

ASA-202106-57 edited at 24 Jun 2021 16:21:51
Workaround	- Disabling the regex sieve extension avoids the worst problems. lmtp_user_concurrency_limit may also be helpful. + Disabling the regex sieve extension avoids the worst problems. + lmtp_user_concurrency_limit may also be helpful.