Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
76599329 by Salvatore Bonaccorso at 2021-03-09T09:20:20+01:00
Update tracking information for CVE-2021-2792{1,2,3}/pillow
Those got fixed only in 8.1.2 upstream and so are unrelated to the
8.1.1 upload (MITRE CNA refrences the 8.1.1 release notes, but this
might be wrong, but is consistent with the description).
No commit references are given (yet), so those need to be researched.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -382,14 +382,17 @@ CVE-2021-27925
CVE-2021-27924
RESERVED
CVE-2021-27923 (Pillow before 8.1.1 allows attackers to cause a denial of
service (mem ...)
- - pillow 8.1.1-1
+ - pillow 8.1.2-1
[buster] - pillow <ignored> (Minor issue)
+ NOTE: https://pillow.readthedocs.io/en/stable/releasenotes/8.1.2.html
CVE-2021-27922 (Pillow before 8.1.1 allows attackers to cause a denial of
service (mem ...)
- - pillow 8.1.1-1
+ - pillow 8.1.2-1
[buster] - pillow <ignored> (Minor issue)
+ NOTE: https://pillow.readthedocs.io/en/stable/releasenotes/8.1.2.html
CVE-2021-27921 (Pillow before 8.1.1 allows attackers to cause a denial of
service (mem ...)
- - pillow 8.1.1-1
+ - pillow 8.1.2-1
[buster] - pillow <ignored> (Minor issue)
+ NOTE: https://pillow.readthedocs.io/en/stable/releasenotes/8.1.2.html
CVE-2021-27920
RESERVED
CVE-2021-27919
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7659932970aad622cbc8c708f3d903a506e84de2
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7659932970aad622cbc8c708f3d903a506e84de2
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
