Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
58d2c6dd by Salvatore Bonaccorso at 2021-06-04T22:53:04+02:00
Update information on CVE-2021-33054/sogo
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1803,7 +1803,8 @@ CVE-2021-33054 (SOGo 2.x before 2.4.1 and 3.x through 5.x
before 5.1.1 does not
NOTE:
https://blogs.akamai.com/2021/06/saml-implementation-vulnerability-impacting-some-akamai-services.html
NOTE:
https://blogs.akamai.com/2021/06/akamai-eaa-impersonation-vulnerability---a-deep-dive.html
NOTE:
https://blogs.akamai.com/2021/06/sogo-and-packetfence-impacted-by-saml-implementation-vulnerabilities.html
- NOTE:
https://github.com/inverse-inc/sogo/commit/e53636564680ac0df11ec898304bc442908ba746
(SOGo-5.1.1)
+ NOTE: Introduced by:
https://github.com/inverse-inc/sogo/commit/5487f34b9ee9b9639e3f1d4a7abf4fad2d240d66
(SOGo-2.0.5)
+ NOTE: Fixed by:
https://github.com/inverse-inc/sogo/commit/e53636564680ac0df11ec898304bc442908ba746
(SOGo-5.1.1)
NOTE: CVE is assigned for the SOGo vulnerability regarding the lasso
usage.
CVE-2021-33053
RESERVED
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58d2c6dd00ac0cb6ab010d55a77ee07d2ddda9bd
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58d2c6dd00ac0cb6ab010d55a77ee07d2ddda9bd
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
