[Git][security-tracker-team/security-tracker][master] Mark CVE-2021-28163 and CVE-2021-28164,jetty9 as not affected for Buster.

Mon, 05 Jul 2021 05:49:45 -0700 


Markus Koschany pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
7f199805 by Markus Koschany at 2021-07-05T14:48:37+02:00
Mark CVE-2021-28163 and CVE-2021-28164,jetty9 as not affected for Buster.

The vulnerable code was introduced later.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -18831,12 +18831,14 @@ CVE-2021-28165 (In Eclipse Jetty 7.2.2 to 9.4.38, 
10.0.0.alpha0 to 10.0.1, and 1
 CVE-2021-28164 (In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the 
default com ...)
        - jetty9 9.4.39-1
        [stretch] - jetty9 <not-affected> (Vulnerable code introduced later)
+       [buster] - jetty9 <not-affected> (Vulnerable code introduced later)
        NOTE: 
https://github.com/eclipse/jetty.project/security/advisories/GHSA-v7ff-8wcx-gmc5
        NOTE: 
https://github.com/eclipse/jetty.project/commit/e412c8a15b3334b30193f40412c0fbc47e478e83
        NOTE: Introduced by 
https://github.com/eclipse/jetty.project/commit/20ef71fe5d709a90c2a5698834fff07b9b4e7ad7
 (jetty-9.4.37.v20210219)
 CVE-2021-28163 (In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 
11.0.0. ...)
        - jetty9 9.4.39-1
        [stretch] - jetty9 <not-affected> (Vulnerable code introduced in 9.4.32 
according to upstream advisory, reproducer no-op)
+       [buster] - jetty9 <not-affected> (Vulnerable code introduced was 
introduced later)
        NOTE: 
https://github.com/eclipse/jetty.project/security/advisories/GHSA-j6qj-j888-vvgq
        NOTE: 
https://github.com/eclipse/jetty.project/commit/37fffb1722604da1763d8a096ec5c5fb41ea0633
 CVE-2021-28162 (In Eclipse Theia versions up to and including 0.16.0, in the 
notificat ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7f1998059b6c1f200bbeacf4d80612c0e4a5e7bc

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7f1998059b6c1f200bbeacf4d80612c0e4a5e7bc
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to