Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: c0eaa50f by Salvatore Bonaccorso at 2023-01-30T20:41:23+01:00 Restore fixing information for CVE-2021-35368 - - - - - 2 changed files: - data/CVE/list - data/DLA/list Changes: ===================================== data/CVE/list ===================================== @@ -119624,6 +119624,7 @@ CVE-2021-35369 CVE-2021-35368 (OWASP ModSecurity Core Rule Set 3.1.x before 3.1.2, 3.2.x before 3.2.1 ...) - modsecurity-crs 3.3.2-1 (bug #992000) [bullseye] - modsecurity-crs 3.3.0-1+deb11u1 + [buster] - modsecurity-crs 3.1.0-1+deb10u2 [stretch] - modsecurity-crs <no-dsa> (Minor issue) NOTE: https://coreruleset.org/20210630/cve-2021-35368-crs-request-body-bypass/ NOTE: https://github.com/coreruleset/coreruleset/pull/2143 ===================================== data/DLA/list ===================================== @@ -2,7 +2,7 @@ {CVE-2022-36227} [buster] - libarchive 3.3.3-4+deb10u3 [30 Jan 2023] DLA-3293-1 modsecurity-crs - security update - {CVE-2018-16384 CVE-2019-13464 CVE-2020-22669 CVE-2021-35368 CVE-2022-39955 CVE-2022-39956 CVE-2022-39957 CVE-2022-39958} + {CVE-2018-16384 CVE-2019-13464 CVE-2020-22669 CVE-2022-39955 CVE-2022-39956 CVE-2022-39957 CVE-2022-39958} [buster] - modsecurity-crs 3.2.3-0+deb10u3 [29 Jan 2023] DLA-3292-1 sofia-sip - security update {CVE-2023-22741} View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c0eaa50fa1f6daa0af3fb1239a6286a03fe64c71 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c0eaa50fa1f6daa0af3fb1239a6286a03fe64c71 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits