Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7e234a0f by Salvatore Bonaccorso at 2021-11-08T08:47:46+01:00
Track fixed version for libsepol issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -19547,7 +19547,7 @@ CVE-2021-36089 (Grok 7.6.6 through 9.2.0 has a
heap-based buffer overflow in grk
CVE-2021-36088 (Fluent Bit (aka fluent-bit) 1.7.0 through 1.7,4 has a double
free in f ...)
NOT-FOR-US: Fluent Bit
CVE-2021-36087 (The CIL compiler in SELinux 3.2 has a heap-based buffer
over-read in e ...)
- - libsepol <unfixed> (bug #990526)
+ - libsepol 3.3-1 (bug #990526)
[bullseye] - libsepol <no-dsa> (Minor issue)
[buster] - libsepol <no-dsa> (Minor issue)
[stretch] - libsepol <no-dsa> (Minor issue)
@@ -19555,7 +19555,7 @@ CVE-2021-36087 (The CIL compiler in SELinux 3.2 has a
heap-based buffer over-rea
NOTE:
https://github.com/SELinuxProject/selinux/commit/bad0a746e9f4cf260dedba5828d9645d50176aac
NOTE:
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml
CVE-2021-36086 (The CIL compiler in SELinux 3.2 has a use-after-free in
cil_reset_clas ...)
- - libsepol <unfixed> (bug #990526)
+ - libsepol 3.3-1 (bug #990526)
[bullseye] - libsepol <no-dsa> (Minor issue)
[buster] - libsepol <no-dsa> (Minor issue)
[stretch] - libsepol <no-dsa> (Minor issue)
@@ -19563,7 +19563,7 @@ CVE-2021-36086 (The CIL compiler in SELinux 3.2 has a
use-after-free in cil_rese
NOTE:
https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8
NOTE:
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml
CVE-2021-36085 (The CIL compiler in SELinux 3.2 has a use-after-free in
__cil_verify_c ...)
- - libsepol <unfixed> (bug #990526)
+ - libsepol 3.3-1 (bug #990526)
[bullseye] - libsepol <no-dsa> (Minor issue)
[buster] - libsepol <no-dsa> (Minor issue)
[stretch] - libsepol <no-dsa> (Minor issue)
@@ -19571,7 +19571,7 @@ CVE-2021-36085 (The CIL compiler in SELinux 3.2 has a
use-after-free in __cil_ve
NOTE:
https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba
NOTE:
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml
CVE-2021-36084 (The CIL compiler in SELinux 3.2 has a use-after-free in
__cil_verify_c ...)
- - libsepol <unfixed> (bug #990526)
+ - libsepol 3.3-1 (bug #990526)
[bullseye] - libsepol <no-dsa> (Minor issue)
[buster] - libsepol <no-dsa> (Minor issue)
[stretch] - libsepol <no-dsa> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7e234a0f3724f4baaca13606774191383105a1c5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7e234a0f3724f4baaca13606774191383105a1c5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
