catalog/stable/minio/1.0.7/security.md

182 KiB
Raw Blame History

hide
toc

Security Overview

Helm-Chart

Scan Results

Chart Object: minio/templates/common.yaml

Type Misconfiguration ID Check Severity Explaination Links
Kubernetes Security Check KSV003 Default capabilities not dropped LOW
Expand... The container should drop all default capabilities and add only those that are needed for its execution.


Container 'RELEASE-NAME-minio' of Deployment 'RELEASE-NAME-minio' should add 'ALL' to 'securityContext.capabilities.drop'
Expand...https://kubesec.io/basics/containers-securitycontext-capabilities-drop-index-all/
https://avd.aquasec.com/appshield/ksv003
Kubernetes Security Check KSV012 Runs as root user MEDIUM
Expand... 'runAsNonRoot' forces the running image to run as a non-root user to ensure least privileges.


Container 'autopermissions' of Deployment 'RELEASE-NAME-minio' should set 'securityContext.runAsNonRoot' to true
Expand...https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
https://avd.aquasec.com/appshield/ksv012
Kubernetes Security Check KSV013 Image tag ':latest' used LOW
Expand... It is best to avoid using the ':latest' image tag when deploying containers in production. Doing so makes it hard to track which version of the image is running, and hard to roll back the version.


Container 'RELEASE-NAME-minio' of Deployment 'RELEASE-NAME-minio' should specify an image tag
Expand...https://kubernetes.io/docs/concepts/configuration/overview/#container-images
https://avd.aquasec.com/appshield/ksv013
Kubernetes Security Check KSV013 Image tag ':latest' used LOW
Expand... It is best to avoid using the ':latest' image tag when deploying containers in production. Doing so makes it hard to track which version of the image is running, and hard to roll back the version.


Container 'autopermissions' of Deployment 'RELEASE-NAME-minio' should specify an image tag
Expand...https://kubernetes.io/docs/concepts/configuration/overview/#container-images
https://avd.aquasec.com/appshield/ksv013
Kubernetes Security Check KSV014 Root file system is not read-only LOW
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.


Container 'RELEASE-NAME-minio' of Deployment 'RELEASE-NAME-minio' should set 'securityContext.readOnlyRootFilesystem' to true
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
Kubernetes Security Check KSV014 Root file system is not read-only LOW
Expand... An immutable root file system prevents applications from writing to their local disk. This can limit intrusions, as attackers will not be able to tamper with the file system or write foreign executables to disk.


Container 'autopermissions' of Deployment 'RELEASE-NAME-minio' should set 'securityContext.readOnlyRootFilesystem' to true
Expand...https://kubesec.io/basics/containers-securitycontext-readonlyrootfilesystem-true/
https://avd.aquasec.com/appshield/ksv014
Kubernetes Security Check KSV019 Seccomp policies disabled MEDIUM
Expand... A program inside the container can bypass Seccomp protection policies.


Container 'RELEASE-NAME-minio' of Deployment 'RELEASE-NAME-minio' should specify a seccomp profile
Expand...https://kubesec.io/basics/metadata-annotations-container-seccomp-security-alpha-kubernetes-io-pod/
https://avd.aquasec.com/appshield/ksv019
Kubernetes Security Check KSV019 Seccomp policies disabled MEDIUM
Expand... A program inside the container can bypass Seccomp protection policies.


Container 'autopermissions' of Deployment 'RELEASE-NAME-minio' should specify a seccomp profile
Expand...https://kubesec.io/basics/metadata-annotations-container-seccomp-security-alpha-kubernetes-io-pod/
https://avd.aquasec.com/appshield/ksv019
Kubernetes Security Check KSV020 Runs with low user ID MEDIUM
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the hosts user table.


Container 'RELEASE-NAME-minio' of Deployment 'RELEASE-NAME-minio' should set 'securityContext.runAsUser' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
Kubernetes Security Check KSV020 Runs with low user ID MEDIUM
Expand... Force the container to run with user ID > 10000 to avoid conflicts with the hosts user table.


Container 'autopermissions' of Deployment 'RELEASE-NAME-minio' should set 'securityContext.runAsUser' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv020
Kubernetes Security Check KSV021 Runs with low group ID MEDIUM
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the hosts user table.


Container 'RELEASE-NAME-minio' of Deployment 'RELEASE-NAME-minio' should set 'securityContext.runAsGroup' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021
Kubernetes Security Check KSV021 Runs with low group ID MEDIUM
Expand... Force the container to run with group ID > 10000 to avoid conflicts with the hosts user table.


Container 'autopermissions' of Deployment 'RELEASE-NAME-minio' should set 'securityContext.runAsGroup' > 10000
Expand...https://kubesec.io/basics/containers-securitycontext-runasuser/
https://avd.aquasec.com/appshield/ksv021

Containers

Detected Containers
      tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c
      tccr.io/truecharts/minio:latest@sha256:8129f69c85b84e13f085a1ce127f108cee0ea84a1f496e8065796c7a15a08442
Scan Results

Container: tccr.io/truecharts/alpine:v3.14.2@sha256:4095394abbae907e94b1f2fd2e2de6c4f201a5b9704573243ca8eb16db8cdb7c (alpine 3.14.2)

alpine

Package Vulnerability Severity Installed Version Fixed Version Links
busybox CVE-2021-42378 HIGH 1.33.1-r3 1.33.1-r6
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1
busybox CVE-2021-42379 HIGH 1.33.1-r3 1.33.1-r6
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1
busybox CVE-2021-42380 HIGH 1.33.1-r3 1.33.1-r6
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1
busybox CVE-2021-42381 HIGH 1.33.1-r3 1.33.1-r6
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1
busybox CVE-2021-42382 HIGH 1.33.1-r3 1.33.1-r6
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1
busybox CVE-2021-42383 HIGH 1.33.1-r3 1.33.1-r6
Expand...https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
busybox CVE-2021-42384 HIGH 1.33.1-r3 1.33.1-r6
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1
busybox CVE-2021-42385 HIGH 1.33.1-r3 1.33.1-r6
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1
busybox CVE-2021-42386 HIGH 1.33.1-r3 1.33.1-r6
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1
busybox CVE-2021-42374 MEDIUM 1.33.1-r3 1.33.1-r4
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1
busybox CVE-2021-42375 MEDIUM 1.33.1-r3 1.33.1-r5
Expand...https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
ssl_client CVE-2021-42378 HIGH 1.33.1-r3 1.33.1-r6
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42378
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1
ssl_client CVE-2021-42379 HIGH 1.33.1-r3 1.33.1-r6
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42379
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1
ssl_client CVE-2021-42380 HIGH 1.33.1-r3 1.33.1-r6
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42380
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1
ssl_client CVE-2021-42381 HIGH 1.33.1-r3 1.33.1-r6
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42381
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1
ssl_client CVE-2021-42382 HIGH 1.33.1-r3 1.33.1-r6
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42382
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1
ssl_client CVE-2021-42383 HIGH 1.33.1-r3 1.33.1-r6
Expand...https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
ssl_client CVE-2021-42384 HIGH 1.33.1-r3 1.33.1-r6
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42384
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1
ssl_client CVE-2021-42385 HIGH 1.33.1-r3 1.33.1-r6
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42385
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1
ssl_client CVE-2021-42386 HIGH 1.33.1-r3 1.33.1-r6
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42386
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1
ssl_client CVE-2021-42374 MEDIUM 1.33.1-r3 1.33.1-r4
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42374
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/
https://ubuntu.com/security/notices/USN-5179-1
ssl_client CVE-2021-42375 MEDIUM 1.33.1-r3 1.33.1-r5
Expand...https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

Container: tccr.io/truecharts/minio:latest@sha256:8129f69c85b84e13f085a1ce127f108cee0ea84a1f496e8065796c7a15a08442 (redhat 8.4)

redhat

Package Vulnerability Severity Installed Version Fixed Version Links
bzip2-libs CVE-2019-12900 LOW 1.0.6-26.el8
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00040.html
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00050.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00078.html
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00000.html
http://packetstormsecurity.com/files/153644/Slackware-Security-Advisory-bzip2-Updates.html
http://packetstormsecurity.com/files/153957/FreeBSD-Security-Advisory-FreeBSD-SA-19-18.bzip2.html
https://bugs.launchpad.net/ubuntu/+source/bzip2/+bug/1834494
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12900
https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc
https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b@%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/rce8cd8c30f60604b580ea01bebda8a671a25c9a1629f409fc24e7774@%3Cuser.flink.apache.org%3E
https://lists.apache.org/thread.html/rda98305669476c4d90cc8527c4deda7e449019dd1fe9936b56671dd4@%3Cuser.flink.apache.org%3E
https://lists.debian.org/debian-lts-announce/2019/06/msg00021.html
https://lists.debian.org/debian-lts-announce/2019/07/msg00014.html
https://lists.debian.org/debian-lts-announce/2019/10/msg00012.html
https://lists.debian.org/debian-lts-announce/2019/10/msg00018.html
https://seclists.org/bugtraq/2019/Aug/4
https://seclists.org/bugtraq/2019/Jul/22
https://security.FreeBSD.org/advisories/FreeBSD-SA-19:18.bzip2.asc
https://support.f5.com/csp/article/K68713584?utm_source=f5support&utm_medium=RSS
https://ubuntu.com/security/notices/USN-4038-1
https://ubuntu.com/security/notices/USN-4038-2
https://ubuntu.com/security/notices/USN-4038-3
https://ubuntu.com/security/notices/USN-4038-4
https://ubuntu.com/security/notices/USN-4146-1
https://ubuntu.com/security/notices/USN-4146-2
https://usn.ubuntu.com/4038-1/
https://usn.ubuntu.com/4038-2/
https://usn.ubuntu.com/4146-1/
https://usn.ubuntu.com/4146-2/
https://www.oracle.com/security-alerts/cpuoct2020.html
coreutils-single CVE-2017-18018 MEDIUM 8.30-8.el8
Expand...http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html
curl CVE-2021-22876 MEDIUM 7.61.1-18.el8_4.2 7.61.1-22.el8
Expand...https://curl.se/docs/CVE-2021-22876.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876
https://hackerone.com/reports/1101882
https://linux.oracle.com/cve/CVE-2021-22876.html
https://linux.oracle.com/errata/ELSA-2021-4511.html
https://lists.debian.org/debian-lts-announce/2021/05/msg00019.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/
https://security.gentoo.org/glsa/202105-36
https://security.netapp.com/advisory/ntap-20210521-0007/
https://ubuntu.com/security/notices/USN-4898-1
https://ubuntu.com/security/notices/USN-4903-1
curl CVE-2021-22898 LOW 7.61.1-18.el8_4.2 7.61.1-22.el8
Expand...http://www.openwall.com/lists/oss-security/2021/07/21/4
https://curl.se/docs/CVE-2021-22898.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898
https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde
https://hackerone.com/reports/1176461
https://linux.oracle.com/cve/CVE-2021-22898.html
https://linux.oracle.com/errata/ELSA-2021-4511.html
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/POOC3UV7V6L4CJ5KA2PTWTNUV5Y72T3Q/
https://ubuntu.com/security/notices/USN-5021-1
https://www.oracle.com//security-alerts/cpujul2021.html
curl CVE-2021-22925 LOW 7.61.1-18.el8_4.2 7.61.1-22.el8
Expand...http://seclists.org/fulldisclosure/2021/Sep/39
http://seclists.org/fulldisclosure/2021/Sep/40
https://curl.se/docs/CVE-2021-22925.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22925
https://hackerone.com/reports/1223882
https://linux.oracle.com/cve/CVE-2021-22925.html
https://linux.oracle.com/errata/ELSA-2021-4511.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/
https://security.netapp.com/advisory/ntap-20210902-0003/
https://support.apple.com/kb/HT212804
https://support.apple.com/kb/HT212805
https://ubuntu.com/security/notices/USN-5021-1
https://www.oracle.com/security-alerts/cpuoct2021.html
file-libs CVE-2019-18218 MEDIUM 5.33-16.el8_3.1 5.33-20.el8
Expand...http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00044.html
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16780
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18218
https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84
https://linux.oracle.com/cve/CVE-2019-18218.html
https://linux.oracle.com/errata/ELSA-2021-4374.html
https://lists.debian.org/debian-lts-announce/2019/10/msg00032.html
https://lists.debian.org/debian-lts-announce/2021/07/msg00008.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CV6PFCEYHYALMTT45QE2U5C5TEJZQPXJ/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D6BJVGXSCC6NMIAWX36FPWHEIFON3OSE/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VBK6XOJR6OVWT2FUEBO7V7KCOSSLAP52/
https://security.gentoo.org/glsa/202003-24
https://security.netapp.com/advisory/ntap-20200115-0001/
https://ubuntu.com/security/notices/USN-4172-1
https://ubuntu.com/security/notices/USN-4172-2
https://usn.ubuntu.com/4172-1/
https://usn.ubuntu.com/4172-2/
https://www.debian.org/security/2019/dsa-4550
file-libs CVE-2019-8905 LOW 5.33-16.el8_3.1
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html
http://www.securityfocus.com/bid/107137
https://bugs.astron.com/view.php?id=63
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8905
https://lists.debian.org/debian-lts-announce/2019/02/msg00044.html
https://ubuntu.com/security/notices/USN-3911-1
https://usn.ubuntu.com/3911-1/
file-libs CVE-2019-8906 LOW 5.33-16.el8_3.1
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html
https://bugs.astron.com/view.php?id=64
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8906
https://github.com/file/file/commit/2858eaf99f6cc5aae129bcbf1e24ad160240185f
https://support.apple.com/kb/HT209599
https://support.apple.com/kb/HT209600
https://support.apple.com/kb/HT209601
https://support.apple.com/kb/HT209602
https://ubuntu.com/security/notices/USN-3911-1
https://usn.ubuntu.com/3911-1/
glib2 CVE-2021-3800 MEDIUM 2.56.4-10.el8_4.1 2.56.4-156.el8
Expand...https://access.redhat.com/security/cve/CVE-2021-3800
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3800
https://linux.oracle.com/cve/CVE-2021-3800.html
https://linux.oracle.com/errata/ELSA-2021-4385.html
https://www.openwall.com/lists/oss-security/2017/06/23/8
glib2 CVE-2018-16428 LOW 2.56.4-10.el8_4.1
Expand...http://www.openwall.com/lists/oss-security/2020/02/14/3
http://www.securityfocus.com/bid/105210
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16428
https://gitlab.gnome.org/GNOME/glib/commit/fccef3cc822af74699cca84cd202719ae61ca3b9
https://gitlab.gnome.org/GNOME/glib/issues/1364
https://lists.debian.org/debian-lts-announce/2019/07/msg00029.html
https://ubuntu.com/security/notices/USN-3767-1
https://ubuntu.com/security/notices/USN-3767-2
https://usn.ubuntu.com/3767-1/
https://usn.ubuntu.com/3767-2/
glib2 CVE-2018-16429 LOW 2.56.4-10.el8_4.1
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16429
https://gitlab.gnome.org/GNOME/glib/commit/cec71705406f0b2790422f0c1aa0ff3b4b464b1b
https://gitlab.gnome.org/GNOME/glib/issues/1361
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://lists.debian.org/debian-lts-announce/2019/07/msg00029.html
https://ubuntu.com/security/notices/USN-3767-1
https://ubuntu.com/security/notices/USN-3767-2
https://usn.ubuntu.com/3767-1/
https://usn.ubuntu.com/3767-2/
glib2 CVE-2021-28153 LOW 2.56.4-10.el8_4.1 2.56.4-156.el8
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28153
https://gitlab.gnome.org/GNOME/glib/-/issues/2325
https://linux.oracle.com/cve/CVE-2021-28153.html
https://linux.oracle.com/errata/ELSA-2021-4385.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6RXTD5HCP2K4AAUSWWZTBKQNHRCTAEOF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ICUTQPHZNZWX2DZR46QFLQZRHVMHIILJ/
https://security.netapp.com/advisory/ntap-20210416-0003/
https://ubuntu.com/security/notices/USN-4764-1
glibc CVE-2019-1010022 CRITICAL 2.28-151.el8
Expand...https://security-tracker.debian.org/tracker/CVE-2019-1010022
https://sourceware.org/bugzilla/show_bug.cgi?id=22850
https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3
https://ubuntu.com/security/CVE-2019-1010022
glibc CVE-2021-35942 MEDIUM 2.28-151.el8 2.28-164.el8
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942
https://linux.oracle.com/cve/CVE-2021-35942.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://security.netapp.com/advisory/ntap-20210827-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28011
https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/glibc/wiki/Security%20Exceptions
glibc CVE-2021-27645 LOW 2.28-151.el8 2.28-164.el8
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645
https://linux.oracle.com/cve/CVE-2021-27645.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/
https://sourceware.org/bugzilla/show_bug.cgi?id=27462
glibc CVE-2021-33574 LOW 2.28-151.el8 2.28-164.el8
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574
https://linux.oracle.com/cve/CVE-2021-33574.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210629-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=27896
https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1
glibc-common CVE-2019-1010022 CRITICAL 2.28-151.el8
Expand...https://security-tracker.debian.org/tracker/CVE-2019-1010022
https://sourceware.org/bugzilla/show_bug.cgi?id=22850
https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3
https://ubuntu.com/security/CVE-2019-1010022
glibc-common CVE-2021-35942 MEDIUM 2.28-151.el8 2.28-164.el8
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942
https://linux.oracle.com/cve/CVE-2021-35942.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://security.netapp.com/advisory/ntap-20210827-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28011
https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/glibc/wiki/Security%20Exceptions
glibc-common CVE-2021-27645 LOW 2.28-151.el8 2.28-164.el8
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645
https://linux.oracle.com/cve/CVE-2021-27645.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/
https://sourceware.org/bugzilla/show_bug.cgi?id=27462
glibc-common CVE-2021-33574 LOW 2.28-151.el8 2.28-164.el8
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574
https://linux.oracle.com/cve/CVE-2021-33574.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210629-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=27896
https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1
glibc-minimal-langpack CVE-2019-1010022 CRITICAL 2.28-151.el8
Expand...https://security-tracker.debian.org/tracker/CVE-2019-1010022
https://sourceware.org/bugzilla/show_bug.cgi?id=22850
https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3
https://ubuntu.com/security/CVE-2019-1010022
glibc-minimal-langpack CVE-2021-35942 MEDIUM 2.28-151.el8 2.28-164.el8
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35942
https://linux.oracle.com/cve/CVE-2021-35942.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://security.netapp.com/advisory/ntap-20210827-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=28011
https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
https://sourceware.org/glibc/wiki/Security%20Exceptions
glibc-minimal-langpack CVE-2021-27645 LOW 2.28-151.el8 2.28-164.el8
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27645
https://linux.oracle.com/cve/CVE-2021-27645.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LZNT6KTMCCWPWXEOGSHD3YLYZKUGMH5/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I7TS26LIZSOBLGJEZMJX4PXT5BQDE2WS/
https://sourceware.org/bugzilla/show_bug.cgi?id=27462
glibc-minimal-langpack CVE-2021-33574 LOW 2.28-151.el8 2.28-164.el8
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33574
https://linux.oracle.com/cve/CVE-2021-33574.html
https://linux.oracle.com/errata/ELSA-2021-9560.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBUUWUGXVILQXVWEOU7N42ICHPJNAEUP/
https://security.gentoo.org/glsa/202107-07
https://security.netapp.com/advisory/ntap-20210629-0005/
https://sourceware.org/bugzilla/show_bug.cgi?id=27896
https://sourceware.org/bugzilla/show_bug.cgi?id=27896#c1
gmp CVE-2021-43618 LOW 1:6.1.2-10.el8
Expand...https://bugs.debian.org/994405
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43618
https://gmplib.org/list-archives/gmp-bugs/2021-September/005077.html
https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e
https://lists.debian.org/debian-lts-announce/2021/12/msg00001.html
gnutls CVE-2021-20231 MEDIUM 3.6.14-8.el8_3 3.6.16-4.el8
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=1922276
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231
https://linux.oracle.com/cve/CVE-2021-20231.html
https://linux.oracle.com/errata/ELSA-2021-4451.html
https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/
https://security.netapp.com/advisory/ntap-20210416-0005/
https://ubuntu.com/security/notices/USN-5029-1
https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10
gnutls CVE-2021-20232 MEDIUM 3.6.14-8.el8_3 3.6.16-4.el8
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=1922275
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232
https://linux.oracle.com/cve/CVE-2021-20232.html
https://linux.oracle.com/errata/ELSA-2021-4451.html
https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/
https://security.netapp.com/advisory/ntap-20210416-0005/
https://ubuntu.com/security/notices/USN-5029-1
https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10
gnutls CVE-2021-3580 MEDIUM 3.6.14-8.el8_3 3.6.16-4.el8
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=1967983
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580
https://linux.oracle.com/cve/CVE-2021-3580.html
https://linux.oracle.com/errata/ELSA-2021-4451.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html
https://security.netapp.com/advisory/ntap-20211104-0006/
https://ubuntu.com/security/notices/USN-4990-1
json-c CVE-2020-12762 MEDIUM 0.13.1-0.4.el8 0.13.1-2.el8
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12762
https://github.com/json-c/json-c/pull/592
https://github.com/rsyslog/libfastjson/issues/161
https://linux.oracle.com/cve/CVE-2020-12762.html
https://linux.oracle.com/errata/ELSA-2021-4382.html
https://lists.debian.org/debian-lts-announce/2020/05/msg00032.html
https://lists.debian.org/debian-lts-announce/2020/05/msg00034.html
https://lists.debian.org/debian-lts-announce/2020/07/msg00031.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBR36IXYBHITAZFB5PFBJTED22WO5ONB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CQQRRGBQCAWNCCJ2HN3W5SSCZ4QGMXQI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W226TSCJBEOXDUFVKNWNH7ETG7AR6MCS/
https://security.gentoo.org/glsa/202006-13
https://security.netapp.com/advisory/ntap-20210521-0001/
https://ubuntu.com/security/notices/USN-4360-1
https://ubuntu.com/security/notices/USN-4360-4
https://usn.ubuntu.com/4360-1/
https://usn.ubuntu.com/4360-4/
https://www.debian.org/security/2020/dsa-4741
krb5-libs CVE-2020-17049 MEDIUM 1.18.2-8.3.el8_4
Expand...http://www.openwall.com/lists/oss-security/2021/11/10/3
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17049
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17049
libarchive CVE-2020-21674 MEDIUM 3.3.3-1.el8
Expand...https://github.com/libarchive/libarchive/commit/4f085eea879e2be745f4d9bf57e8513ae48157f4
https://github.com/libarchive/libarchive/issues/1298
libarchive CVE-2017-14166 LOW 3.3.3-1.el8
Expand...http://www.openwall.com/lists/oss-security/2017/09/06/5
https://blogs.gentoo.org/ago/2017/09/06/libarchive-heap-based-buffer-overflow-in-xml_data-archive_read_support_format_xar-c/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14166
https://github.com/libarchive/libarchive/commit/fa7438a0ff4033e4741c807394a9af6207940d71
https://lists.debian.org/debian-lts-announce/2018/11/msg00037.html
https://security.gentoo.org/glsa/201908-11
https://ubuntu.com/security/notices/USN-3736-1
https://usn.ubuntu.com/3736-1/
https://www.debian.org/security/2018/dsa-4360
libarchive CVE-2017-14501 LOW 3.3.3-1.el8
Expand...https://bugs.debian.org/875966
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14501
https://github.com/libarchive/libarchive/issues/949
https://lists.debian.org/debian-lts-announce/2018/11/msg00037.html
https://security.gentoo.org/glsa/201908-11
https://ubuntu.com/security/notices/USN-3736-1
https://usn.ubuntu.com/3736-1/
https://www.debian.org/security/2018/dsa-4360
libarchive CVE-2018-1000879 LOW 3.3.3-1.el8
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00055.html
http://www.securityfocus.com/bid/106324
https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909
https://github.com/libarchive/libarchive/pull/1105
https://github.com/libarchive/libarchive/pull/1105/commits/15bf44fd2c1ad0e3fd87048b3fcc90c4dcff1175
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBOCC2M6YGPZA6US43YK4INPSJZZHRTG/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W645KCLWFDBDGFJHG57WOVXGE62QSIJI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVXA7PHINVT6DFF6PRLTDTVTXKDLVHNF/
libarchive CVE-2018-1000880 LOW 3.3.3-1.el8
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00055.html
http://www.securityfocus.com/bid/106324
https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000880
https://github.com/libarchive/libarchive/pull/1105
https://github.com/libarchive/libarchive/pull/1105/commits/9c84b7426660c09c18cc349f6d70b5f8168b5680
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBOCC2M6YGPZA6US43YK4INPSJZZHRTG/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W645KCLWFDBDGFJHG57WOVXGE62QSIJI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVXA7PHINVT6DFF6PRLTDTVTXKDLVHNF/
https://ubuntu.com/security/notices/USN-3859-1
https://usn.ubuntu.com/3859-1/
https://www.debian.org/security/2018/dsa-4360
libcurl CVE-2021-22876 MEDIUM 7.61.1-18.el8_4.2 7.61.1-22.el8
Expand...https://curl.se/docs/CVE-2021-22876.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22876
https://hackerone.com/reports/1101882
https://linux.oracle.com/cve/CVE-2021-22876.html
https://linux.oracle.com/errata/ELSA-2021-4511.html
https://lists.debian.org/debian-lts-announce/2021/05/msg00019.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZC5BMIOKLBQJSFCHEDN2G2C2SH274BP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITVWPVGLFISU5BJC2BXBRYSDXTXE2YGC/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQUIOYX2KUU6FIUZVB5WWZ6JHSSYSQWJ/
https://security.gentoo.org/glsa/202105-36
https://security.netapp.com/advisory/ntap-20210521-0007/
https://ubuntu.com/security/notices/USN-4898-1
https://ubuntu.com/security/notices/USN-4903-1
libcurl CVE-2021-22898 LOW 7.61.1-18.el8_4.2 7.61.1-22.el8
Expand...http://www.openwall.com/lists/oss-security/2021/07/21/4
https://curl.se/docs/CVE-2021-22898.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22898
https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde
https://hackerone.com/reports/1176461
https://linux.oracle.com/cve/CVE-2021-22898.html
https://linux.oracle.com/errata/ELSA-2021-4511.html
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/08/msg00017.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/POOC3UV7V6L4CJ5KA2PTWTNUV5Y72T3Q/
https://ubuntu.com/security/notices/USN-5021-1
https://www.oracle.com//security-alerts/cpujul2021.html
libcurl CVE-2021-22925 LOW 7.61.1-18.el8_4.2 7.61.1-22.el8
Expand...http://seclists.org/fulldisclosure/2021/Sep/39
http://seclists.org/fulldisclosure/2021/Sep/40
https://curl.se/docs/CVE-2021-22925.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22925
https://hackerone.com/reports/1223882
https://linux.oracle.com/cve/CVE-2021-22925.html
https://linux.oracle.com/errata/ELSA-2021-4511.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FRUCW2UVNYUDZF72DQLFQR4PJEC6CF7V/
https://security.netapp.com/advisory/ntap-20210902-0003/
https://support.apple.com/kb/HT212804
https://support.apple.com/kb/HT212805
https://ubuntu.com/security/notices/USN-5021-1
https://www.oracle.com/security-alerts/cpuoct2021.html
libdnf CVE-2021-3445 MEDIUM 0.55.0-7.el8 0.63.0-3.el8
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=1932079
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3445
https://linux.oracle.com/cve/CVE-2021-3445.html
https://linux.oracle.com/errata/ELSA-2021-4464.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DPMFGGQ5T6WVFTFX3OKMVTTM5O4EXWZR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G4NL7TNWAHJ6JVRABQUPWHKKCTHUZMNF/
libgcc CVE-2018-20673 MEDIUM 8.4.1-1.el8 8.5.0-3.el8
Expand...http://www.securityfocus.com/bid/106454
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20673
https://linux.oracle.com/cve/CVE-2018-20673.html
https://linux.oracle.com/errata/ELSA-2021-4386.html
https://sourceware.org/bugzilla/show_bug.cgi?id=24039
libgcc CVE-2021-42574 MEDIUM 8.4.1-1.el8 8.5.0-4.el8_5
Expand...http://www.openwall.com/lists/oss-security/2021/11/01/1
http://www.openwall.com/lists/oss-security/2021/11/01/4
http://www.openwall.com/lists/oss-security/2021/11/01/5
http://www.openwall.com/lists/oss-security/2021/11/01/6
http://www.openwall.com/lists/oss-security/2021/11/02/10
http://www.unicode.org/versions/Unicode14.0.0/
https://linux.oracle.com/cve/CVE-2021-42574.html
https://linux.oracle.com/errata/ELSA-2021-4743.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IH2RG5YTR6ZZOLUV3EUPZEIJR7XHJLVD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LQNTFF24ROHLVPLUOEISBN3F7QM27L4U/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QUPA37D57VPTDLSXOOGF4UXUEADOC4PQ/
https://trojansource.codes
https://trojansource.codes/
https://www.kb.cert.org/vuls/id/999008
https://www.lightbluetouchpaper.org/2021/11/01/trojan-source-invisible-vulnerabilities/
https://www.scyon.nl/post/trojans-in-your-source-code
https://www.unicode.org/reports/tr36/#Bidirectional_Text_Spoofing
https://www.unicode.org/reports/tr39/
libgcc CVE-2021-42694 MEDIUM 8.4.1-1.el8
Expand...http://www.openwall.com/lists/oss-security/2021/11/01/1
http://www.openwall.com/lists/oss-security/2021/11/01/6
http://www.unicode.org/versions/Unicode14.0.0/
https://trojansource.codes
https://trojansource.codes/
https://www.kb.cert.org/vuls/id/999008
https://www.lightbluetouchpaper.org/2021/11/01/trojan-source-invisible-vulnerabilities/
https://www.scyon.nl/post/trojans-in-your-source-code
https://www.unicode.org/reports/tr36/#Canonical_Represenation
libgcc CVE-2018-20657 LOW 8.4.1-1.el8
Expand...http://www.securityfocus.com/bid/106444
https://access.redhat.com/errata/RHSA-2019:3352
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20657
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88539
https://linux.oracle.com/cve/CVE-2018-20657.html
https://linux.oracle.com/errata/ELSA-2019-3352.html
https://support.f5.com/csp/article/K62602089
libgcc CVE-2019-14250 LOW 8.4.1-1.el8
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html
http://www.securityfocus.com/bid/109354
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14250
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924
https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html
https://security.gentoo.org/glsa/202007-39
https://security.netapp.com/advisory/ntap-20190822-0002/
https://ubuntu.com/security/notices/USN-4326-1
https://ubuntu.com/security/notices/USN-4336-1
https://ubuntu.com/security/notices/USN-4336-2
https://usn.ubuntu.com/4326-1/
https://usn.ubuntu.com/4336-1/
libgcrypt CVE-2019-12904 MEDIUM 1.8.5-4.el8
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00049.html
https://dev.gnupg.org/T4541
https://github.com/gpg/libgcrypt/commit/a4c561aab1014c3630bc88faf6f5246fee16b020
https://github.com/gpg/libgcrypt/commit/daedbbb5541cd8ecda1459d3b843ea4d92788762
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-12904.html
libgcrypt CVE-2021-33560 MEDIUM 1.8.5-4.el8 1.8.5-6.el8
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33560
https://dev.gnupg.org/T5305
https://dev.gnupg.org/T5328
https://dev.gnupg.org/T5466
https://dev.gnupg.org/rCe8b7f10be275bcedb5fc05ed4837a89bfd605c61
https://eprint.iacr.org/2021/923
https://linux.oracle.com/cve/CVE-2021-33560.html
https://linux.oracle.com/errata/ELSA-2021-4409.html
https://lists.debian.org/debian-lts-announce/2021/06/msg00021.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BKKTOIGFW2SGN3DO2UHHVZ7MJSYN4AAB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R7OAPCUGPF3VLA7QAJUQSL255D4ITVTL/
https://ubuntu.com/security/notices/USN-5080-1
https://ubuntu.com/security/notices/USN-5080-2
https://www.oracle.com/security-alerts/cpuoct2021.html
libgcrypt CVE-2021-40528 MEDIUM 1.8.5-4.el8
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40528
https://dev.gnupg.org/rCb118681ebc4c9ea4b9da79b0f9541405a64f4c13
https://eprint.iacr.org/2021/923
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=3462280f2e23e16adf3ed5176e0f2413d8861320
https://ibm.github.io/system-security-research-updates/2021/07/20/insecurity-elgamal-pt1
https://ibm.github.io/system-security-research-updates/2021/09/06/insecurity-elgamal-pt2
https://ubuntu.com/security/notices/USN-5080-1
https://ubuntu.com/security/notices/USN-5080-2
libsepol CVE-2021-36084 MEDIUM 2.9-2.el8 2.9-3.el8
Expand...https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065
https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml
https://linux.oracle.com/cve/CVE-2021-36084.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
libsepol CVE-2021-36085 MEDIUM 2.9-2.el8 2.9-3.el8
Expand...https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124
https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml
https://linux.oracle.com/cve/CVE-2021-36085.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
libsepol CVE-2021-36086 MEDIUM 2.9-2.el8 2.9-3.el8
Expand...https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177
https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml
https://linux.oracle.com/cve/CVE-2021-36086.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
libsepol CVE-2021-36087 MEDIUM 2.9-2.el8 2.9-3.el8
Expand...https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675
https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml
https://linux.oracle.com/cve/CVE-2021-36087.html
https://linux.oracle.com/errata/ELSA-2021-4513.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U7ZYR3PIJ75N6U2IONJWCKZ5L2NKJTGR/
https://lore.kernel.org/selinux/CAEN2sdqJKHvDzPnxS-J8grU8fSf32DDtx=kyh84OsCq_Vm+yaQ@mail.gmail.com/T/
libsolv CVE-2021-3200 LOW 0.7.16-3.el8_4 0.7.19-1.el8
Expand...https://github.com/openSUSE/libsolv/issues/416
https://github.com/yangjiageng/PoC/blob/master/libsolv-PoCs/PoC-testcase_read-2334
https://linux.oracle.com/cve/CVE-2021-3200.html
https://linux.oracle.com/errata/ELSA-2021-4408.html
libssh CVE-2020-16135 LOW 0.9.4-2.el8 0.9.4-3.el8
Expand...https://bugs.gentoo.org/734624
https://bugs.libssh.org/T232
https://bugs.libssh.org/rLIBSSHe631ebb3e2247dd25e9678e6827c20dc73b73238
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16135
https://gitlab.com/libssh/libssh-mirror/-/merge_requests/120
https://gitlab.com/libssh/libssh-mirror/-/merge_requests/120/diffs?commit_id=1493b4466fa394b321d196ad63dd6a4fa395d337
https://gitlab.com/libssh/libssh-mirror/-/merge_requests/120/diffs?commit_id=65ae496222018221080dd753a52f6d70bf3ca5f3
https://gitlab.com/libssh/libssh-mirror/-/merge_requests/120/diffs?commit_id=dbfb7f44aa905a7103bdde9a198c1e9b0f480c2e
https://gitlab.com/libssh/libssh-mirror/-/merge_requests/120/diffs?commit_id=df0acab3a077bd8ae015e3e8b4c71ff31b5900fe
https://linux.oracle.com/cve/CVE-2020-16135.html
https://linux.oracle.com/errata/ELSA-2021-4387.html
https://lists.debian.org/debian-lts-announce/2020/07/msg00034.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FCIKQRKXAAB4HMWM62EPZJ4DVBHIIEG6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JNW5GBC6JFN76VEWQXMLT5F7VCZ5AJ2E/
https://security.gentoo.org/glsa/202011-05
https://ubuntu.com/security/notices/USN-4447-1
https://usn.ubuntu.com/4447-1/
libssh CVE-2021-3634 LOW 0.9.4-2.el8
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=1978810
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3634
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DRK67AJCWYYVAGF5SGAHNZXCX3PN3ZFP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JKYD3ZRAMDAQX3ZW6THHUF3GXN7FF6B4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVWAAB2XMKEUMPMDALINKAA4U2QM4LNG/
https://security.netapp.com/advisory/ntap-20211004-0003/
https://ubuntu.com/security/notices/USN-5053-1
https://www.debian.org/security/2021/dsa-4965
libssh-config CVE-2020-16135 LOW 0.9.4-2.el8 0.9.4-3.el8
Expand...https://bugs.gentoo.org/734624
https://bugs.libssh.org/T232
https://bugs.libssh.org/rLIBSSHe631ebb3e2247dd25e9678e6827c20dc73b73238
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16135
https://gitlab.com/libssh/libssh-mirror/-/merge_requests/120
https://gitlab.com/libssh/libssh-mirror/-/merge_requests/120/diffs?commit_id=1493b4466fa394b321d196ad63dd6a4fa395d337
https://gitlab.com/libssh/libssh-mirror/-/merge_requests/120/diffs?commit_id=65ae496222018221080dd753a52f6d70bf3ca5f3
https://gitlab.com/libssh/libssh-mirror/-/merge_requests/120/diffs?commit_id=dbfb7f44aa905a7103bdde9a198c1e9b0f480c2e
https://gitlab.com/libssh/libssh-mirror/-/merge_requests/120/diffs?commit_id=df0acab3a077bd8ae015e3e8b4c71ff31b5900fe
https://linux.oracle.com/cve/CVE-2020-16135.html
https://linux.oracle.com/errata/ELSA-2021-4387.html
https://lists.debian.org/debian-lts-announce/2020/07/msg00034.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FCIKQRKXAAB4HMWM62EPZJ4DVBHIIEG6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JNW5GBC6JFN76VEWQXMLT5F7VCZ5AJ2E/
https://security.gentoo.org/glsa/202011-05
https://ubuntu.com/security/notices/USN-4447-1
https://usn.ubuntu.com/4447-1/
libssh-config CVE-2021-3634 LOW 0.9.4-2.el8
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=1978810
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3634
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DRK67AJCWYYVAGF5SGAHNZXCX3PN3ZFP/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JKYD3ZRAMDAQX3ZW6THHUF3GXN7FF6B4/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SVWAAB2XMKEUMPMDALINKAA4U2QM4LNG/
https://security.netapp.com/advisory/ntap-20211004-0003/
https://ubuntu.com/security/notices/USN-5053-1
https://www.debian.org/security/2021/dsa-4965
libstdc++ CVE-2018-20673 MEDIUM 8.4.1-1.el8 8.5.0-3.el8
Expand...http://www.securityfocus.com/bid/106454
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20673
https://linux.oracle.com/cve/CVE-2018-20673.html
https://linux.oracle.com/errata/ELSA-2021-4386.html
https://sourceware.org/bugzilla/show_bug.cgi?id=24039
libstdc++ CVE-2021-42574 MEDIUM 8.4.1-1.el8 8.5.0-4.el8_5
Expand...http://www.openwall.com/lists/oss-security/2021/11/01/1
http://www.openwall.com/lists/oss-security/2021/11/01/4
http://www.openwall.com/lists/oss-security/2021/11/01/5
http://www.openwall.com/lists/oss-security/2021/11/01/6
http://www.openwall.com/lists/oss-security/2021/11/02/10
http://www.unicode.org/versions/Unicode14.0.0/
https://linux.oracle.com/cve/CVE-2021-42574.html
https://linux.oracle.com/errata/ELSA-2021-4743.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IH2RG5YTR6ZZOLUV3EUPZEIJR7XHJLVD/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LQNTFF24ROHLVPLUOEISBN3F7QM27L4U/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QUPA37D57VPTDLSXOOGF4UXUEADOC4PQ/
https://trojansource.codes
https://trojansource.codes/
https://www.kb.cert.org/vuls/id/999008
https://www.lightbluetouchpaper.org/2021/11/01/trojan-source-invisible-vulnerabilities/
https://www.scyon.nl/post/trojans-in-your-source-code
https://www.unicode.org/reports/tr36/#Bidirectional_Text_Spoofing
https://www.unicode.org/reports/tr39/
libstdc++ CVE-2021-42694 MEDIUM 8.4.1-1.el8
Expand...http://www.openwall.com/lists/oss-security/2021/11/01/1
http://www.openwall.com/lists/oss-security/2021/11/01/6
http://www.unicode.org/versions/Unicode14.0.0/
https://trojansource.codes
https://trojansource.codes/
https://www.kb.cert.org/vuls/id/999008
https://www.lightbluetouchpaper.org/2021/11/01/trojan-source-invisible-vulnerabilities/
https://www.scyon.nl/post/trojans-in-your-source-code
https://www.unicode.org/reports/tr36/#Canonical_Represenation
libstdc++ CVE-2018-20657 LOW 8.4.1-1.el8
Expand...http://www.securityfocus.com/bid/106444
https://access.redhat.com/errata/RHSA-2019:3352
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20657
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88539
https://linux.oracle.com/cve/CVE-2018-20657.html
https://linux.oracle.com/errata/ELSA-2019-3352.html
https://support.f5.com/csp/article/K62602089
libstdc++ CVE-2019-14250 LOW 8.4.1-1.el8
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00056.html
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00057.html
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00058.html
http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00078.html
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00004.html
http://www.securityfocus.com/bid/109354
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14250
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924
https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html
https://security.gentoo.org/glsa/202007-39
https://security.netapp.com/advisory/ntap-20190822-0002/
https://ubuntu.com/security/notices/USN-4326-1
https://ubuntu.com/security/notices/USN-4336-1
https://ubuntu.com/security/notices/USN-4336-2
https://usn.ubuntu.com/4326-1/
https://usn.ubuntu.com/4336-1/
libtasn1 CVE-2018-1000654 LOW 4.13-3.el8
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00018.html
http://www.securityfocus.com/bid/105151
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000654
https://gitlab.com/gnutls/libtasn1/issues/4
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
libzstd CVE-2021-24032 LOW 1.4.4-1.el8
Expand...https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982519
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24032
https://github.com/facebook/zstd/issues/2491
https://ubuntu.com/security/notices/USN-4760-1
https://www.facebook.com/security/advisories/cve-2021-24032
lua-libs CVE-2020-24370 LOW 5.3.4-11.el8 5.3.4-12.el8
Expand...http://lua-users.org/lists/lua-l/2020-07/msg00324.html
https://github.com/lua/lua/commit/a585eae6e7ada1ca9271607a4f48dfb17868ab7b
https://linux.oracle.com/cve/CVE-2020-24370.html
https://linux.oracle.com/errata/ELSA-2021-4510.html
https://lists.debian.org/debian-lts-announce/2020/09/msg00019.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E6KONNG6UEI3FMEOY67NDZC32NBGBI44/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXYMCIUNGK26VHAYHGP5LPW56G2KWOHQ/
lz4-libs CVE-2019-17543 MEDIUM 1.8.3-3.el8_4
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00069.html
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00070.html
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941
https://github.com/lz4/lz4/compare/v1.9.1...v1.9.2
https://github.com/lz4/lz4/issues/801
https://github.com/lz4/lz4/pull/756
https://github.com/lz4/lz4/pull/760
https://lists.apache.org/thread.html/25015588b770d67470b7ba7ea49a305d6735dd7f00eabe7d50ec1e17@%3Cissues.arrow.apache.org%3E
https://lists.apache.org/thread.html/543302d55e2d2da4311994e9b0debdc676bf3fd05e1a2be3407aa2d6@%3Cissues.arrow.apache.org%3E
https://lists.apache.org/thread.html/793012683dc0fa6819b7c2560e6cf990811014c40c7d75412099c357@%3Cissues.arrow.apache.org%3E
https://lists.apache.org/thread.html/9ff0606d16be2ab6a81619e1c9e23c3e251756638e36272c8c8b7fa3@%3Cissues.arrow.apache.org%3E
https://lists.apache.org/thread.html/f0038c4fab2ee25aee849ebeff6b33b3aa89e07ccfb06b5c87b36316@%3Cissues.arrow.apache.org%3E
https://lists.apache.org/thread.html/f506bc371d4a068d5d84d7361293568f61167d3a1c3e91f0def2d7d3@%3Cdev.arrow.apache.org%3E
https://lists.apache.org/thread.html/r0fb226357e7988a241b06b93bab065bcea2eb38658b382e485960e26@%3Cissues.kudu.apache.org%3E
https://lists.apache.org/thread.html/r4068ba81066792f2b4d208b39c4c4713c5d4c79bd8cb6c1904af5720@%3Cissues.kudu.apache.org%3E
https://lists.apache.org/thread.html/r7bc72200f94298bc9a0e35637f388deb53467ca4b2e2ad1ff66d8960@%3Cissues.kudu.apache.org%3E
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuoct2020.html
ncurses-base CVE-2019-17594 MEDIUM 6.1-7.20180224.el8 6.1-9.20180224.el8
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17594
https://linux.oracle.com/cve/CVE-2019-17594.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00017.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28
ncurses-base CVE-2019-17595 MEDIUM 6.1-7.20180224.el8 6.1-9.20180224.el8
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595
https://linux.oracle.com/cve/CVE-2019-17595.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28
ncurses-base CVE-2021-39537 MEDIUM 6.1-7.20180224.el8
Expand...http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup
https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html
https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html
ncurses-base CVE-2018-19211 LOW 6.1-7.20180224.el8
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=1643754
ncurses-base CVE-2018-19217 LOW 6.1-7.20180224.el8
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=1643753
ncurses-libs CVE-2019-17594 MEDIUM 6.1-7.20180224.el8 6.1-9.20180224.el8
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17594
https://linux.oracle.com/cve/CVE-2019-17594.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00017.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28
ncurses-libs CVE-2019-17595 MEDIUM 6.1-7.20180224.el8 6.1-9.20180224.el8
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00061.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17595
https://linux.oracle.com/cve/CVE-2019-17595.html
https://linux.oracle.com/errata/ELSA-2021-4426.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
https://security.gentoo.org/glsa/202101-28
ncurses-libs CVE-2021-39537 MEDIUM 6.1-7.20180224.el8
Expand...http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup
https://lists.gnu.org/archive/html/bug-ncurses/2020-08/msg00006.html
https://lists.gnu.org/archive/html/bug-ncurses/2021-10/msg00023.html
ncurses-libs CVE-2018-19211 LOW 6.1-7.20180224.el8
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=1643754
ncurses-libs CVE-2018-19217 LOW 6.1-7.20180224.el8
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=1643753
nettle CVE-2021-20231 MEDIUM 3.4.1-4.el8_3 3.4.1-7.el8
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=1922276
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20231
https://linux.oracle.com/cve/CVE-2021-20231.html
https://linux.oracle.com/errata/ELSA-2021-4451.html
https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/
https://security.netapp.com/advisory/ntap-20210416-0005/
https://ubuntu.com/security/notices/USN-5029-1
https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10
nettle CVE-2021-20232 MEDIUM 3.4.1-4.el8_3 3.4.1-7.el8
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=1922275
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20232
https://linux.oracle.com/cve/CVE-2021-20232.html
https://linux.oracle.com/errata/ELSA-2021-4451.html
https://lists.apache.org/thread.html/r50661d6f0082709aad9a584431b59ec364f9974b63b07e0800230168@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r5d4001031e7790d8c6396c499522b4ed2aab782da87b1a14184793bb@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r5f88bed447742fcc5c47bf1c7be965ef450131914a6e1f85feba2779@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r6ac143ba6dd98bd4bf6bf010d46e56e254056459721ba18822d611f7@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/r9cbc69e57276413788e90a6ee16c7c034ea4258d31935b70db2bd158@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/rcd70a4c88a47a75fd2d5f3ffb7cee8c2a18c713320bd90fdcb57495f@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/rf5e1256d870193def4a82ad89ab95e63943a313b5ff0d81aa87e4532@%3Cissues.spark.apache.org%3E
https://lists.apache.org/thread.html/rfd5273d72d244178441e6904a2f2b41a3268f569e8092ea0b3b2bb20@%3Cissues.spark.apache.org%3E
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OSLAE6PP33A7VYRYMYMUVB3U6B26GZER/
https://security.netapp.com/advisory/ntap-20210416-0005/
https://ubuntu.com/security/notices/USN-5029-1
https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10
nettle CVE-2021-3580 MEDIUM 3.4.1-4.el8_3 3.4.1-7.el8
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=1967983
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3580
https://linux.oracle.com/cve/CVE-2021-3580.html
https://linux.oracle.com/errata/ELSA-2021-4451.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00008.html
https://security.netapp.com/advisory/ntap-20211104-0006/
https://ubuntu.com/security/notices/USN-4990-1
openssl-libs CVE-2021-23840 MEDIUM 1:1.1.1g-15.el8_3 1:1.1.1k-4.el8
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23840
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a51b9e1d0cf0bf8515f7201b68fb0a3482b3dc1
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9b1129239f3ebb1d1c98ce9ed41d5c9476c47cb2
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846
https://kc.mcafee.com/corporate/index?page=content&id=SB10366
https://linux.oracle.com/cve/CVE-2021-23840.html
https://linux.oracle.com/errata/ELSA-2021-9561.html
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
https://security.gentoo.org/glsa/202103-03
https://security.netapp.com/advisory/ntap-20210219-0009/
https://ubuntu.com/security/notices/USN-4738-1
https://ubuntu.com/security/notices/USN-5088-1
https://www.debian.org/security/2021/dsa-4855
https://www.openssl.org/news/secadv/20210216.txt
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.tenable.com/security/tns-2021-03
https://www.tenable.com/security/tns-2021-09
https://www.tenable.com/security/tns-2021-10
openssl-libs CVE-2021-23841 MEDIUM 1:1.1.1g-15.el8_3 1:1.1.1k-4.el8
Expand...http://seclists.org/fulldisclosure/2021/May/67
http://seclists.org/fulldisclosure/2021/May/68
http://seclists.org/fulldisclosure/2021/May/70
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23841
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=122a19ab48091c657f7cb1fb3af9fc07bd557bbf
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8252ee4d90f3f2004d3d0aeeed003ad49c9a7807
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44846
https://linux.oracle.com/cve/CVE-2021-23841.html
https://linux.oracle.com/errata/ELSA-2021-9561.html
https://security.gentoo.org/glsa/202103-03
https://security.netapp.com/advisory/ntap-20210219-0009/
https://security.netapp.com/advisory/ntap-20210513-0002/
https://support.apple.com/kb/HT212528
https://support.apple.com/kb/HT212529
https://support.apple.com/kb/HT212534
https://ubuntu.com/security/notices/USN-4738-1
https://ubuntu.com/security/notices/USN-4745-1
https://www.debian.org/security/2021/dsa-4855
https://www.openssl.org/news/secadv/20210216.txt
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.tenable.com/security/tns-2021-03
https://www.tenable.com/security/tns-2021-09
openssl-libs CVE-2021-3712 MEDIUM 1:1.1.1g-15.el8_3
Expand...http://www.openwall.com/lists/oss-security/2021/08/26/2
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3712
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=94d23fcff9b2a7a8368dfe52214d5c2569882c11
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ccb0a11145ee72b042d10593a64eaf9e8a55ec12
https://kc.mcafee.com/corporate/index?page=content&id=SB10366
https://lists.apache.org/thread.html/r18995de860f0e63635f3008fd2a6aca82394249476d21691e7c59c9e@%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/rad5d9f83f0d11fb3f8bb148d179b8a9ad7c6a17f18d70e5805a713d1@%3Cdev.tomcat.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/09/msg00014.html
https://lists.debian.org/debian-lts-announce/2021/09/msg00021.html
https://security.netapp.com/advisory/ntap-20210827-0010/
https://ubuntu.com/security/notices/USN-5051-1
https://ubuntu.com/security/notices/USN-5051-2
https://ubuntu.com/security/notices/USN-5051-3
https://ubuntu.com/security/notices/USN-5051-4 (regression only in trusty/esm)
https://ubuntu.com/security/notices/USN-5088-1
https://www.debian.org/security/2021/dsa-4963
https://www.openssl.org/news/secadv/20210824.txt
https://www.oracle.com/security-alerts/cpuoct2021.html
https://www.tenable.com/security/tns-2021-16
pcre CVE-2019-20838 LOW 8.42-4.el8 8.42-6.el8
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20838
https://linux.oracle.com/cve/CVE-2019-20838.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://www.pcre.org/original/changelog.txt
pcre CVE-2020-14155 LOW 8.42-4.el8 8.42-6.el8
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2021/Feb/14
https://about.gitlab.com/releases/2020/07/01/security-release-13-1-2-release/
https://bugs.gentoo.org/717920
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14155
https://linux.oracle.com/cve/CVE-2020-14155.html
https://linux.oracle.com/errata/ELSA-2021-4373.html
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT212147
https://www.pcre.org/original/changelog.txt
rpm CVE-2021-3521 MEDIUM 4.14.3-14.el8_4
Expand...
rpm CVE-2021-35937 MEDIUM 4.14.3-14.el8_4
Expand...
rpm CVE-2021-35938 MEDIUM 4.14.3-14.el8_4
Expand...
rpm CVE-2021-35939 MEDIUM 4.14.3-14.el8_4
Expand...
rpm CVE-2021-20266 LOW 4.14.3-14.el8_4 4.14.3-19.el8
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=1927741
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20266
https://linux.oracle.com/cve/CVE-2021-20266.html
https://linux.oracle.com/errata/ELSA-2021-4489.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/
rpm-libs CVE-2021-3521 MEDIUM 4.14.3-14.el8_4
Expand...
rpm-libs CVE-2021-35937 MEDIUM 4.14.3-14.el8_4
Expand...
rpm-libs CVE-2021-35938 MEDIUM 4.14.3-14.el8_4
Expand...
rpm-libs CVE-2021-35939 MEDIUM 4.14.3-14.el8_4
Expand...
rpm-libs CVE-2021-20266 LOW 4.14.3-14.el8_4 4.14.3-19.el8
Expand...https://bugzilla.redhat.com/show_bug.cgi?id=1927741
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20266
https://linux.oracle.com/cve/CVE-2021-20266.html
https://linux.oracle.com/errata/ELSA-2021-4489.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/
sqlite-libs CVE-2019-5827 HIGH 3.26.0-13.el8 3.26.0-15.el8
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00085.html
https://chromereleases.googleblog.com/2019/04/stable-channel-update-for-desktop_30.html
https://crbug.com/952406
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5827
https://linux.oracle.com/cve/CVE-2019-5827.html
https://linux.oracle.com/errata/ELSA-2021-4396.html
https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CPM7VPE27DUNJLXM4F5PAAEFFWOEND6X/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKN4GPMBQ3SDXWB4HL45II5CZ7P2E4AI/
https://seclists.org/bugtraq/2019/Aug/19
https://security.gentoo.org/glsa/202003-16
https://ubuntu.com/security/notices/USN-4205-1
https://usn.ubuntu.com/4205-1/
https://www.debian.org/security/2019/dsa-4500
sqlite-libs CVE-2019-13750 MEDIUM 3.26.0-13.el8 3.26.0-15.el8
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html
https://access.redhat.com/errata/RHSA-2019:4238
https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
https://crbug.com/1025464
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13750
https://linux.oracle.com/cve/CVE-2019-13750.html
https://linux.oracle.com/errata/ELSA-2021-4396.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/
https://seclists.org/bugtraq/2020/Jan/27
https://security.gentoo.org/glsa/202003-08
https://ubuntu.com/security/notices/USN-4298-1
https://ubuntu.com/security/notices/USN-4298-2
https://usn.ubuntu.com/4298-1/
https://usn.ubuntu.com/4298-2/
https://www.debian.org/security/2020/dsa-4606
sqlite-libs CVE-2019-13751 MEDIUM 3.26.0-13.el8 3.26.0-15.el8
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html
http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html
https://access.redhat.com/errata/RHSA-2019:4238
https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
https://crbug.com/1025465
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13751
https://linux.oracle.com/cve/CVE-2019-13751.html
https://linux.oracle.com/errata/ELSA-2021-4396.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/
https://seclists.org/bugtraq/2020/Jan/27
https://security.gentoo.org/glsa/202003-08
https://ubuntu.com/security/notices/USN-4298-1
https://ubuntu.com/security/notices/USN-4298-2
https://usn.ubuntu.com/4298-1/
https://usn.ubuntu.com/4298-2/
https://www.debian.org/security/2020/dsa-4606
sqlite-libs CVE-2019-19603 MEDIUM 3.26.0-13.el8 3.26.0-15.el8
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19603
https://github.com/sqlite/sqlite/commit/527cbd4a104cb93bf3994b3dd3619a6299a78b13
https://linux.oracle.com/cve/CVE-2019-19603.html
https://linux.oracle.com/errata/ELSA-2021-4396.html
https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
https://security.netapp.com/advisory/ntap-20191223-0001/
https://ubuntu.com/security/notices/USN-4394-1
https://usn.ubuntu.com/4394-1/
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.sqlite.org/
sqlite-libs CVE-2020-13435 MEDIUM 3.26.0-13.el8 3.26.0-15.el8
Expand...http://seclists.org/fulldisclosure/2020/Dec/32
http://seclists.org/fulldisclosure/2020/Nov/19
http://seclists.org/fulldisclosure/2020/Nov/20
http://seclists.org/fulldisclosure/2020/Nov/22
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13435
https://linux.oracle.com/cve/CVE-2020-13435.html
https://linux.oracle.com/errata/ELSA-2021-4396.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L7KXQWHIY2MQP4LNM6ODWJENMXYYQYBN/
https://security.FreeBSD.org/advisories/FreeBSD-SA-20:22.sqlite.asc
https://security.gentoo.org/glsa/202007-26
https://security.netapp.com/advisory/ntap-20200528-0004/
https://support.apple.com/kb/HT211843
https://support.apple.com/kb/HT211844
https://support.apple.com/kb/HT211850
https://support.apple.com/kb/HT211931
https://support.apple.com/kb/HT211935
https://support.apple.com/kb/HT211952
https://ubuntu.com/security/notices/USN-4394-1
https://usn.ubuntu.com/4394-1/
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.sqlite.org/src/info/7a5279a25c57adf1
sqlite-libs CVE-2019-19244 LOW 3.26.0-13.el8
Expand...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19244
https://github.com/sqlite/sqlite/commit/e59c562b3f6894f84c715772c4b116d7b5c01348
https://ubuntu.com/security/notices/USN-4205-1
https://usn.ubuntu.com/4205-1/
https://www.oracle.com/security-alerts/cpuapr2020.html
sqlite-libs CVE-2019-9936 LOW 3.26.0-13.el8
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00026.html
http://www.securityfocus.com/bid/107562
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9936
https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXD2GYJVTDGEQPUNMMMC5TB7MQXOBBMO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N66U5PY5UJU4XBFZJH7QNKIDNAVIB4OP/
https://security.gentoo.org/glsa/201908-09
https://security.netapp.com/advisory/ntap-20190416-0005/
https://sqlite.org/src/info/b3fa58dd7403dbd4
https://ubuntu.com/security/notices/USN-4019-1
https://usn.ubuntu.com/4019-1/
https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114382.html
https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114394.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
sqlite-libs CVE-2019-9937 LOW 3.26.0-13.el8
Expand...http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00026.html
http://www.securityfocus.com/bid/107562
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9937
https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXD2GYJVTDGEQPUNMMMC5TB7MQXOBBMO/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N66U5PY5UJU4XBFZJH7QNKIDNAVIB4OP/
https://security.gentoo.org/glsa/201908-09
https://security.netapp.com/advisory/ntap-20190416-0005/
https://sqlite.org/src/info/45c73deb440496e8
https://ubuntu.com/security/notices/USN-4019-1
https://usn.ubuntu.com/4019-1/
https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114383.html
https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114393.html
https://www.oracle.com/security-alerts/cpujan2020.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
systemd-libs CVE-2018-20839 MEDIUM 239-45.el8_4.3
Expand...http://www.securityfocus.com/bid/108389
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1803993
https://github.com/systemd/systemd/commit/9725f1a10f80f5e0ae7d9b60547458622aeb322f
https://github.com/systemd/systemd/pull/12378
https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
https://security.netapp.com/advisory/ntap-20190530-0002/