[Git][security-tracker-team/security-tracker][master] 2 commits: Update tracking for CVE-2021-41055 in buster and remove leftover TODO

Thu, 27 Jan 2022 14:19:09 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
09da837a by Salvatore Bonaccorso at 2022-01-27T23:07:38+01:00
Update tracking for CVE-2021-41055 in buster and remove leftover TODO

- - - - -
8649b4ef by Salvatore Bonaccorso at 2022-01-27T23:16:41+01:00
Add Debian bug reference for CVE-2022-23959/varnish

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -460,7 +460,7 @@ CVE-2022-23961
 CVE-2022-23960
        RESERVED
 CVE-2022-23959 (In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish 
Cache 6.0  ...)
-       - varnish <unfixed>
+       - varnish <unfixed> (bug #1004433)
        NOTE: https://varnish-cache.org/security/VSV00008.html
        NOTE: https://docs.varnish-software.com/security/VSV00008/
        NOTE: Fixed by: 
https://github.com/varnishcache/varnish-cache/commit/fceaefd4d59a3b5d5a4903a3f420e35eb430d0d4
 (master)
@@ -23588,11 +23588,11 @@ CVE-2021-41056
        RESERVED
 CVE-2021-41055 (Gajim 1.2.x and 1.3.x before 1.3.3 allows remote attackers to 
cause a  ...)
        - python-nbxmpp 2.0.4-1
+       [buster] - python-nbxmpp <not-affected> (Vulnerable code not present)
        [stretch] - python-nbxmpp <not-affected> (Vulnerable code introduced 
later (modules added in v1.0.0))
        NOTE: https://dev.gajim.org/gajim/gajim/-/issues/10638
        NOTE: 
https://dev.gajim.org/gajim/python-nbxmpp/-/commit/8a626829d7c4b14077f764e61b1d1e867d21413f
        NOTE: Fix in python-nbxmpp, and gajim 1.3.3 bumps depends on required 
nbxmpp version.
-       TODO: double-check correctness for tracking of source package, 
underlying issue is fixed in python-nbxmpp
 CVE-2021-41053
        RESERVED
 CVE-2021-41052



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/c88a2c1581df74acfc64613aaeae52acdfef2c35...8649b4efce9d27d54cb2a166b214d7941725531c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/c88a2c1581df74acfc64613aaeae52acdfef2c35...8649b4efce9d27d54cb2a166b214d7941725531c
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to