[Git][security-tracker-team/security-tracker][master] 5 commits: Track fixed version via unstable for CVE-2021-25329/tomcat9

Mon, 01 Mar 2021 08:28:53 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1183aa74 by Salvatore Bonaccorso at 2021-03-01T17:14:40+01:00
Track fixed version via unstable for CVE-2021-25329/tomcat9

- - - - -
1769f634 by Salvatore Bonaccorso at 2021-03-01T17:15:09+01:00
Track fixed version for CVE-2021-25122/tomcat9 via unstable

- - - - -
30bee309 by Salvatore Bonaccorso at 2021-03-01T17:15:39+01:00
Add note on incomplete fix for CVE-2020-9484

- - - - -
4fe8600e by Salvatore Bonaccorso at 2021-03-01T17:27:04+01:00
Reference upstream commits for CVE-2021-25329

- - - - -
3c61027d by Salvatore Bonaccorso at 2021-03-01T17:27:25+01:00
Reference upstream commits for CVE-2021-25122

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5867,10 +5867,14 @@ CVE-2021-3180
        RESERVED
 CVE-2021-25329
        RESERVED
-       - tomcat9 <unfixed>
+       - tomcat9 9.0.43-1
        - tomcat8 <removed>
        - tomcat7 <removed>
        NOTE: https://www.openwall.com/lists/oss-security/2021/03/01/2
+       NOTE: 
https://github.com/apache/tomcat/commit/4785433a226a20df6acbea49296e1ce7e23de453
 (9.0.43)
+       NOTE: 
https://github.com/apache/tomcat/commit/93f0cc403a9210d469afc2bd9cf03ab3251c6f35
 (8.5.63)
+       NOTE: 
https://github.com/apache/tomcat/commit/74b105657ffbd1d1de80455f03446c3bbf30d1f5
 (7.0.108)
+       NOTE: CVE is for incomplete fix for CVE-2020-9484.
 CVE-2021-25328
        RESERVED
 CVE-2021-25327
@@ -6404,10 +6408,12 @@ CVE-2021-25123 (The Baseboard Management 
Controller(BMC) in HPE Cloudline CL5800
        NOT-FOR-US: HPE
 CVE-2021-25122
        RESERVED
-       - tomcat9 <unfixed>
+       - tomcat9 9.0.43-1
        - tomcat8 <removed>
        - tomcat7 <removed>
        NOTE: https://www.openwall.com/lists/oss-security/2021/03/01/1
+       NOTE: 
https://github.com/apache/tomcat/commit/d47c20a776e8919eaca8da9390a32bc8bf8210b1
 (9.0.43)
+       NOTE: 
https://github.com/apache/tomcat/commit/bb0e7c1e0d737a0de7d794572517bce0e91d30fa
 (8.5.63)
 CVE-2021-25121
        RESERVED
 CVE-2021-25120



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/5327ecf031f0abb387bc0e4e2357cdc845b3bcd7...3c61027d3edd6dc37525993b21928c5e6aa4b3e0

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/5327ecf031f0abb387bc0e4e2357cdc845b3bcd7...3c61027d3edd6dc37525993b21928c5e6aa4b3e0
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to