Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8444f78e by Salvatore Bonaccorso at 2021-03-24T19:53:06+01:00
Update information for CVE-2020-27840/{ldb,samba}
See reasoning in 641aeb160ec7 ("Update information
CVE-2021-20277/{ldb,samba}").
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -32215,8 +32215,14 @@ CVE-2020-27841 (There's a flaw in openjpeg in versions
prior to 2.4.0 in src/lib
NOTE:
https://github.com/rouault/openjpeg/commit/00383e162ae2f8fc951f5745bf1011771acb8dce
(v2.4.0)
CVE-2020-27840 [Heap corruption via crafted DN strings]
RESERVED
- - samba <unfixed>
+ - ldb <unfixed>
+ - samba <unfixed> (unimportant)
NOTE: https://www.samba.org/samba/security/CVE-2020-27840.html
+ NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14595
+ NOTE:
https://git.samba.org/?p=samba.git;a=commitdiff;h=1996b79f376b459bb964a6344ca5f264e7d6e2ec
+ NOTE:
https://git.samba.org/?p=samba.git;a=commitdiff;h=dbb3e65f7e382adf5fa6a6afb3d8684aca3f201a
+ NOTE:
https://git.samba.org/?p=samba.git;a=commitdiff;h=9532c44baea130db74f866e1472cb871936cd3dd
+ NOTE: Samba uses the System ldb library
CVE-2020-27839
RESERVED
- ceph <unfixed> (bug #985670)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8444f78e919667968ceee4f4e387c297fa9ee882
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8444f78e919667968ceee4f4e387c297fa9ee882
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
