Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
529cc3bb by Chris Lamb at 2021-08-08T10:07:48+01:00
Triage CVE-2021-38155 in keystone for stretch LTS.
- - - - -
e9469fe3 by Chris Lamb at 2021-08-08T10:09:08+01:00
Triage CVE-2021-3639 in libapache2-mod-auth-mellon for stretch LTS.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -162,6 +162,7 @@ CVE-2021-38156
RESERVED
CVE-2021-38155 (OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x
before 17.0.1 ...)
- keystone <unfixed>
+ [stretch] - keystone <end-of-life> (Keystone not supported in stretch)
NOTE: https://launchpad.net/bugs/1688137
CVE-2021-38165 (Lynx through 2.8.9 mishandles the userinfo subcomponent of a
URI, whic ...)
[experimental] - lynx 2.9.0dev.9-1
@@ -4110,6 +4111,7 @@ CVE-2021-3639 [Prevent redirect to URLs that begin with
'///']
- libapache2-mod-auth-mellon <unfixed> (bug #991730)
[bullseye] - libapache2-mod-auth-mellon <no-dsa> (Minor issue)
[buster] - libapache2-mod-auth-mellon <no-dsa> (Minor issue)
+ [stretch] - libapache2-mod-auth-mellon <no-dsa> (Minor issue)
NOTE:
https://github.com/latchset/mod_auth_mellon/commit/42a11261b9dad2e48d70bdff7c53dd57a12db6f5
CVE-2021-36350
RESERVED
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4cc27738845d525162def9234c84a355c97adf20...e9469fe35c24f4a97e08ffabf13d570d1027aa0f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4cc27738845d525162def9234c84a355c97adf20...e9469fe35c24f4a97e08ffabf13d570d1027aa0f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
