Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
19ae4700 by Salvatore Bonaccorso at 2021-04-08T17:08:33+02:00
Track fixed version for curl issues via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17224,7 +17224,7 @@ CVE-2021-22891
RESERVED
CVE-2021-22890 (curl 7.63.0 to and including 7.75.0 includes vulnerability
that allows ...)
{DSA-4881-1}
- - curl <unfixed> (bug #986270)
+ - curl 7.74.0-1.2 (bug #986270)
[stretch] - curl <not-affected> (Vunerable code introduced later)
NOTE: https://curl.se/docs/CVE-2021-22890.html
NOTE: Fixed by:
https://github.com/curl/curl/commit/b09c8ee15771c614c4bf3ddac893cdb12187c844
@@ -17272,7 +17272,7 @@ CVE-2021-22877 (A missing user check in Nextcloud prior
to 20.0.6 inadvertently
- nextcloud-server <itp> (bug #941708)
CVE-2021-22876 (curl 7.1.1 to and including 7.75.0 is vulnerable to an
"Exposure of Pr ...)
{DSA-4881-1}
- - curl <unfixed> (bug #986269)
+ - curl 7.74.0-1.2 (bug #986269)
NOTE: https://curl.se/docs/CVE-2021-22876.html
NOTE: Fixed by:
https://github.com/curl/curl/commit/7214288898f5625a6cc196e22a74232eada7861c
CVE-2021-22875 (Revive Adserver before 5.1.1 is vulnerable to a reflected XSS
vulnerab ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19ae4700a11bb6bd605948a21765efb27dadbb43
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19ae4700a11bb6bd605948a21765efb27dadbb43
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
