Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5fb95468 by Thorsten Alteholz at 2021-10-19T23:35:37+02:00
mark CVE-2021-41990 as not-affected for Stretch
- - - - -
0bfe9879 by Thorsten Alteholz at 2021-10-20T00:32:36+02:00
Reserve DLA-2788-1 for strongswan
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2840,6 +2840,7 @@ CVE-2021-41991 (The in-memory certificate cache in
strongSwan before 5.9.4 has a
CVE-2021-41990 (The gmp plugin in strongSwan before 5.9.4 has a remote integer
overflo ...)
{DSA-4989-1}
- strongswan <unfixed>
+ [stretch] - strongswan <not-affected> (The vulnerable code was
introduced later in version 5.6.1)
NOTE:
https://www.strongswan.org/blog/2021/10/18/strongswan-vulnerability-(cve-2021-41990).html
CVE-2021-41989
RESERVED
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[20 Oct 2021] DLA-2788-1 strongswan - security update
+ {CVE-2021-41991}
+ [stretch] - strongswan 5.5.1-4+deb9u5
[18 Oct 2021] DLA-2787-1 redmine - security update
{CVE-2021-42326}
[stretch] - redmine 3.3.1-4+deb9u5
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/caa311ef3e719a8aede9469feab18f461b26b4f2...0bfe9879fb9c9808e78cf69a54eb1b8f3eff17fa
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/caa311ef3e719a8aede9469feab18f461b26b4f2...0bfe9879fb9c9808e78cf69a54eb1b8f3eff17fa
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
