Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
733efb14 by Salvatore Bonaccorso at 2021-09-15T08:52:09+02:00
Add CVE-2021-3798/opencryptoki
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -430,8 +430,12 @@ CVE-2021-3799
CVE-2021-41054 (tftpd_file.c in atftp through 0.7.4 has a buffer overflow
because buff ...)
- atftp <unfixed>
NOTE:
https://sourceforge.net/p/atftp/code/ci/d255bf90834fb45be52decf9bc0b4fb46c90f205/
-CVE-2021-3798
+CVE-2021-3798 [Soft token does not check if an EC key is valid]
RESERVED
+ - opencryptoki <not-affected> (Vulnerable code introduced later)
+ NOTE:
https://bugs.launchpad.net/ubuntu/+source/opencryptoki/+bug/1928780
+ NOTE: Introduced with:
https://github.com/opencryptoki/opencryptoki/commit/a179fd01a265a98194d9c06ec5958da1dd2ecae3
(v3.15.0)
+ NOTE: Fixed by:
https://github.com/opencryptoki/opencryptoki/commit/4e3b43c3d8844402c04a66b55c6c940f965109f0
CVE-2021-40865
RESERVED
CVE-2021-3797
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/733efb14f4a3fe2dbcd93ef4b67e4cadb313ae23
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/733efb14f4a3fe2dbcd93ef4b67e4cadb313ae23
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
