Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 1183aa74 by Salvatore Bonaccorso at 2021-03-01T17:14:40+01:00 Track fixed version via unstable for CVE-2021-25329/tomcat9 - - - - - 1769f634 by Salvatore Bonaccorso at 2021-03-01T17:15:09+01:00 Track fixed version for CVE-2021-25122/tomcat9 via unstable - - - - - 30bee309 by Salvatore Bonaccorso at 2021-03-01T17:15:39+01:00 Add note on incomplete fix for CVE-2020-9484 - - - - - 4fe8600e by Salvatore Bonaccorso at 2021-03-01T17:27:04+01:00 Reference upstream commits for CVE-2021-25329 - - - - - 3c61027d by Salvatore Bonaccorso at 2021-03-01T17:27:25+01:00 Reference upstream commits for CVE-2021-25122 - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -5867,10 +5867,14 @@ CVE-2021-3180 RESERVED CVE-2021-25329 RESERVED - - tomcat9 <unfixed> + - tomcat9 9.0.43-1 - tomcat8 <removed> - tomcat7 <removed> NOTE: https://www.openwall.com/lists/oss-security/2021/03/01/2 + NOTE: https://github.com/apache/tomcat/commit/4785433a226a20df6acbea49296e1ce7e23de453 (9.0.43) + NOTE: https://github.com/apache/tomcat/commit/93f0cc403a9210d469afc2bd9cf03ab3251c6f35 (8.5.63) + NOTE: https://github.com/apache/tomcat/commit/74b105657ffbd1d1de80455f03446c3bbf30d1f5 (7.0.108) + NOTE: CVE is for incomplete fix for CVE-2020-9484. CVE-2021-25328 RESERVED CVE-2021-25327 @@ -6404,10 +6408,12 @@ CVE-2021-25123 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 NOT-FOR-US: HPE CVE-2021-25122 RESERVED - - tomcat9 <unfixed> + - tomcat9 9.0.43-1 - tomcat8 <removed> - tomcat7 <removed> NOTE: https://www.openwall.com/lists/oss-security/2021/03/01/1 + NOTE: https://github.com/apache/tomcat/commit/d47c20a776e8919eaca8da9390a32bc8bf8210b1 (9.0.43) + NOTE: https://github.com/apache/tomcat/commit/bb0e7c1e0d737a0de7d794572517bce0e91d30fa (8.5.63) CVE-2021-25121 RESERVED CVE-2021-25120 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/5327ecf031f0abb387bc0e4e2357cdc845b3bcd7...3c61027d3edd6dc37525993b21928c5e6aa4b3e0 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/5327ecf031f0abb387bc0e4e2357cdc845b3bcd7...3c61027d3edd6dc37525993b21928c5e6aa4b3e0 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits