Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bcc3b939 by Thorsten Alteholz at 2021-05-22T15:37:03+02:00
change not-affected to no-dsa for CVE-2021-21419 in Stretch
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -29315,7 +29315,7 @@ CVE-2021-21420 (vscode-stripe is an extension for
Visual Studio Code. A vulnerab
CVE-2021-21419 (Eventlet is a concurrent networking library for Python. A
websocket pe ...)
- python-eventlet 0.26.1-7 (bug #988342)
[buster] - python-eventlet <no-dsa> (Minor issue)
- [stretch] - python-eventlet <not-affected> (Vulnerable code
(compression extension) introduced later)
+ [stretch] - python-eventlet <no-dsa> (Minor issue)
NOTE:
https://github.com/eventlet/eventlet/security/advisories/GHSA-9p9m-jm8w-94p2
NOTE: Fixed by:
https://github.com/eventlet/eventlet/commit/1412f5e4125b4313f815778a1acb4d3336efcd07
NOTE: Issue present as well in versions before introduction of
per-message-defalte extension
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bcc3b939f1548c1f4e80680d5c66d407b3cd76b3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bcc3b939f1548c1f4e80680d5c66d407b3cd76b3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
