Todo Lists - Arch Linux
Pending advisories
| Group | Package | Severity | Affected | Fixed | Ticket |
|---|---|---|---|---|---|
| AVG-1770 | gitlab | Critical | 13.9.4-1 | 13.10.1-1 | |
| AVG-1789 | ruby | Critical | 2.7.2-1 | 3.0.1-1 | |
| AVG-1822 | gitlab | Critical | 13.10.2-1 | 13.10.3-1 | |
| AVG-1634 | opera | High | 74.0.3911.218-1 | 75.0.3969.149-1 | |
| AVG-1794 | opera | High | 75.0.3969.149-1 | 75.0.3969.171-1 | |
| AVG-1816 | chromium | High | 89.0.4389.114-1 | 89.0.4389.128-1 | |
| AVG-1817 | vivaldi | High | 3.7.2218.52-1 | 3.7.2218.55-1 | |
| AVG-1827 | chromium | High | 89.0.4389.128-1 | 90.0.4430.72-1 | |
| AVG-1421 | ceph | Medium | 15.2.8-2 | 15.2.10-1 | FS#70062 |
| AVG-1622 | openscad | Medium | 2019.05-9 | 2021.01-1 | FS#70052 |
| AVG-1670 | lib3mf-1 | Medium | 1.8.1-5 | 1.8.1-6 | |
| AVG-1675 | python | Medium | 3.9.2-1 | 3.9.3-1 | |
| AVG-1682 | libupnp | Medium | 1.14.4-1 | 1.14.5-1 | |
| AVG-1703 | dnsmasq | Medium | 2.84-1 | 2.85-1 | |
| AVG-1764 | linux | Medium | 5.11.11.arch1-1 | 5.11.12.arch1-1 | |
| AVG-1766 | linux-zen | Medium | 5.11.11.zen1-1 | 5.11.12.arch1-1 | |
| AVG-1767 | linux-lts | Medium | 5.10.27-1 | 5.10.28-1 | |
| AVG-1771 | zabbix-frontend-php | Medium | 5.2.5-1 | 5.2.6-1 | |
| AVG-1775 | mediawiki | Medium | 1.35.1-2 | 1.35.2-1 | |
| AVG-1778 | syncthing, syncthing-relaysrv | Medium | 1.14.0-1 | 1.15.1-1 | |
| AVG-1779 | file-roller | Medium | 3.38.0-2 | 3.38.1-1 | |
| AVG-1781 | jenkins | Medium | 2.286-1 | 2.287-1 | |
| AVG-1790 | thunderbird | Medium | 78.9.0-1 | 78.9.1-1 | |
| AVG-1793 | mosquitto | Medium | 2.0.8-1 | 2.0.10-1 | |
| AVG-1796 | linux | Medium | 5.11.12.arch1-1 | 5.11.13.arch1-1 | |
| AVG-1797 | linux-hardened | Medium | 5.11.11.hardened1-1 | 5.11.13.hardened1-1 | |
| AVG-1798 | linux-zen | Medium | 5.11.12.zen1-1 | 5.11.13.zen1-1 | |
| AVG-1799 | linux-lts | Medium | 5.10.28-1 | 5.10.29-1 | |
| AVG-1808 | solr | Medium | 8.8.1-1 | 8.8.2-1 | |
| AVG-1811 | xorg-server | Medium | 1.20.10-3 | 1.20.11-1 | |
| AVG-1812 | xorg-xwayland | Medium | 21.1.0-1 | 21.1.1-1 | |
| AVG-1821 | mpv | Medium | 1:0.33.0-4 | 1:0.33.1-1 | |
| AVG-1831 | wordpress | Medium | 5.7-1 | 5.7.1-1 | |
| AVG-1591 | traefik | Low | 2.4.2-1 | 2.4.8-1 | |
| AVG-1623 | python-aiohttp | Low | 3.7.3-1 | 3.7.4-1 | |
| AVG-1776 | python-django | Low | 3.1.7-1 | 3.2-1 |
Bumped packages
| Group | Package | Severity | Affected | Current | Ticket |
|---|---|---|---|---|---|
| AVG-1785 | linux-zen | Low | 5.11.15.zen1-1 |
5.11.15.zen1-2 [testing] 5.11.14.zen1-1 [extra] |
|
| AVG-1783 | linux | Low | 5.11.15.arch1-1 |
5.11.15.arch1-2 [testing] 5.11.14.arch1-1 [core] |
|
| AVG-1594 | linux | Low | 5.11.15.arch1-1 |
5.11.15.arch1-2 [testing] 5.11.14.arch1-1 [core] |
Orphan issues
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2016-1000000 | High | Yes | Sql injection | Ipswitch WhatsUp Gold 16.4.1 WrFreeFormText.asp sUniqueID Parameter Blind SQL Injection |
| CVE-2016-10739 | Medium | No | Open redirect | In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would... |
| CVE-2017-1000410 | High | Yes | Information disclosure | The Linux kernel version 3.3-rc1 and later is affected by a vulnerability in the processing... |
| CVE-2019-5481 | Low | Yes | Denial of service | libcurl can be told to use kerberos over FTP to a server, as set with the CURLOPT_KRBLEVEL... |
| CVE-2019-5482 | Medium | Yes | Arbitrary code execution | libcurl contains a heap buffer overflow in the function (tftp_receive_packet()) that... |
| CVE-2020-16013 | High | Yes | Access restriction bypass | An inappropriate implementation security issue has been found in the V8 component of the... |
| CVE-2020-16017 | High | Yes | Arbitrary code execution | A use after free security issue has been found in the site isolation component of the... |
| CVE-2020-27823 | Medium | No | Arbitrary code execution | In openjpeg2 version 2.3.1 and prior, there is a heap buffer overflow in... |