Todo Lists
Scheduled advisories
| Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|
| ASA-202101-41 | AVG-1446 | jenkins | High | multiple issues |
| ASA-202101-40 | AVG-1454 | flatpak | High | sandbox escape |
| ASA-202101-39 | AVG-1457 | erlang | High | certificate verification bypass |
| ASA-202101-38 | AVG-1470 | dnsmasq | High | multiple issues |
| ASA-202101-37 | AVG-1483 | virtualbox | High | multiple issues |
| ASA-202101-36 | AVG-867 | podofo | Medium | multiple issues |
| ASA-202101-35 | AVG-1423 | vlc | Medium | arbitrary code execution |
| ASA-202101-34 | AVG-1435 | gptfdisk | Medium | arbitrary code execution |
| ASA-202101-33 | AVG-1442 | linux | Medium | directory traversal |
| ASA-202101-32 | AVG-1443 | linux-hardened | Medium | directory traversal |
| ASA-202101-31 | AVG-1444 | linux-zen | Medium | directory traversal |
| ASA-202101-30 | AVG-1445 | linux-lts | Medium | directory traversal |
| ASA-202101-29 | AVG-1451 | lldpd | Medium | information disclosure |
| ASA-202101-28 | AVG-1456 | openvswitch | Medium | multiple issues |
| ASA-202101-27 | AVG-1481 | go | Medium | multiple issues |
| ASA-202101-26 | AVG-1383 | gobby | Low | denial of service |
| ASA-202101-25 | AVG-1431 | sudo | Low | information disclosure |
Pending advisories
| Group | Package | Severity | Affected | Fixed | Ticket |
|---|---|---|---|---|---|
| AVG-1477 | chromium | Critical | 87.0.4280.141-1 | 88.0.4324.96-1 | |
| AVG-1487 | python-pysaml2 | Critical | 6.4.1-1 | 6.5.1-1 | |
| AVG-1032 | kea | High | 1.5.0-14 | 1.8.0-1 | |
| AVG-1408 | linux | High | 5.10.5.arch1-1 | 5.10.6.arch1-1 | |
| AVG-1409 | linux-zen | High | 5.10.5.zen1-1 | 5.10.6.zen1-1 | |
| AVG-1410 | linux-hardened | High | 5.10.5.a-2 | 5.10.6.a-1 | |
| AVG-1411 | linux-lts | High | 5.4.87-1 | 5.4.88-1 | |
| AVG-1425 | opera | High | 73.0.3856.329-1 | 73.0.3856.344-1 | |
| AVG-1428 | libetpan | High | 1.9.4-2 | 1.9.4-3 | FS#69284 |
| AVG-1433 | cacti | High | 1.2.16-1 | 1.2.16-2 | FS#69300 |
| AVG-1331 | jasper | Medium | 2.0.19-1 | 2.0.24-1 | FS#68889 |
| AVG-1422 | ceph | Medium | 15.2.6-4 | 15.2.8-1 | |
| AVG-1488 | home-assistant | Medium | 2020.12.2-1 | 2021.1.4-1 | FS#69398 |
| AVG-1476 | mutt | Low | 2.0.4-1 | 2.0.5-1 |
Bumped packages
| Group | Package | Severity | Affected | Current | Ticket |
|---|---|---|---|---|---|
| AVG-1247 | linux-lts | High | 5.4.76-1 |
5.4.92-1 [core] |
FS#68257 |
| AVG-1246 | linux-zen | High | 5.9.7.zen1-1 |
5.10.10.zen1-1 [extra] |
FS#68257 |
| AVG-1245 | linux-hardened | High | 5.9.8.a-1 |
5.10.10.hardened1-1 [extra] |
FS#68257 |
| AVG-1244 | linux | High | 5.9.7.arch1-1 |
5.10.10.arch1-1 [core] |
FS#68257 |
Orphan issues
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2016-1000000 | High | Yes | Sql injection | Ipswitch WhatsUp Gold 16.4.1 WrFreeFormText.asp sUniqueID Parameter Blind SQL Injection |
| CVE-2016-10739 | Medium | No | Open redirect | In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would... |
| CVE-2017-1000410 | High | Yes | Information disclosure | The Linux kernel version 3.3-rc1 and later is affected by a vulnerability in the processing... |
| CVE-2019-5481 | Low | Yes | Denial of service | libcurl can be told to use kerberos over FTP to a server, as set with the CURLOPT_KRBLEVEL... |
| CVE-2019-5482 | Medium | Yes | Arbitrary code execution | libcurl contains a heap buffer overflow in the function (tftp_receive_packet()) that... |
| CVE-2020-16013 | High | Yes | Access restriction bypass | An inappropriate implementation security issue has been found in the V8 component of the... |
| CVE-2020-16017 | High | Yes | Arbitrary code execution | A use after free security issue has been found in the site isolation component of the... |
| CVE-2020-27823 | Medium | No | Arbitrary code execution | In openjpeg2 version 2.3.1 and prior, there is a heap buffer overflow in... |