Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
da73cc04 by Thorsten Alteholz at 2021-10-24T17:58:34+02:00
mark CVE-2021-42340 as not-affected for Stretch
- - - - -
2819b8f6 by Thorsten Alteholz at 2021-10-24T17:59:27+02:00
update note
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -2135,6 +2135,7 @@ CVE-2021-3885
CVE-2021-42340 (The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to
10.1.0-M5, ...)
- tomcat9 9.0.54-1
- tomcat8 <removed>
+ [stretch] - tomcat8 <not-affected> (Vulnerable code introduced later)
NOTE: https://www.openwall.com/lists/oss-security/2021/10/14/1
NOTE:
https://github.com/apache/tomcat/commit/80f1438ec45e77a07b96419808971838d259eb47
(9.0.54)
NOTE:
https://github.com/apache/tomcat/commit/d27535bdee95d252418201eb21e9d29476aa6b6a
(8.5.72)
=====================================
data/dla-needed.txt
=====================================
@@ -30,7 +30,7 @@ debian-archive-keyring
NOTE: 20211018: with him and upload and publish the DLA. (utkarsh)
--
exiv2 (Thorsten Alteholz)
- NOTE: 20211010: WIP, also taking care of older issues
+ NOTE: 20211024: WIP, not yet finished
--
ffmpeg (Anton Gladky)
NOTE: probably wait until stuff is fixed in Buster
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f2693817d87b649c9a6e492ca0cb181c3e71de5c...2819b8f61b0ba9ab0e67e287e4f92737b8f98d31
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f2693817d87b649c9a6e492ca0cb181c3e71de5c...2819b8f61b0ba9ab0e67e287e4f92737b8f98d31
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
