[Git][security-tracker-team/security-tracker][master] 2 commits: Add fixed version for CVE-2021-41253/zydis via unstable

Mon, 15 Nov 2021 10:23:01 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4f75c9dd by Salvatore Bonaccorso at 2021-11-15T19:19:09+01:00
Add fixed version for CVE-2021-41253/zydis via unstable

- - - - -
5885e004 by Salvatore Bonaccorso at 2021-11-15T19:22:18+01:00
CVE-2021-43608: Add explanation after <not-affected> tag

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -284,8 +284,9 @@ CVE-2021-43609
        RESERVED
 CVE-2021-43608 [SQL Injection Security Vulnerability]
        RESERVED
-       - php-doctrine-dbal <not-affected>
-       NOTE: Bug was introduced in 3.0, and fixed in experimental in 
3.1.4+dfsg-1
+       - php-doctrine-dbal <not-affected> (Vulnerable code introduced in 3.0.0)
+       NOTE: Bug was introduced in 3.0.0, and fixed in experimental in 
3.1.4+dfsg-1 and
+       NOTE: only present in experimental suite.
        NOTE: 
https://github.com/doctrine/dbal/security/advisories/GHSA-r7cj-8hjg-x622
 CVE-2021-43607
        RESERVED
@@ -8058,7 +8059,7 @@ CVE-2021-41255
 CVE-2021-41254 (kustomize-controller is a Kubernetes operator, specialized in 
running  ...)
        NOT-FOR-US: kustomize-controller
 CVE-2021-41253 (Zydis is an x86/x86-64 disassembler library. Users of Zydis 
versions v ...)
-       - zydis <unfixed> (bug #999431)
+       - zydis 3.2.1-1 (bug #999431)
        NOTE: 
https://github.com/zyantific/zydis/security/advisories/GHSA-q42v-hv86-3m4g
        NOTE: Fixed by: 
https://github.com/zyantific/zydis/commit/55dd08c210722aed81b38132f5fd4a04ec1943b5
 (master)
        NOTE: Fixed by: 
https://github.com/zyantific/zydis/commit/330b259583ade789886ce11af2ebcd030097dcbf
 (v3.2.1)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/520ced525c9c0d9a7b6d90ba7269ffbc2cc44ff4...5885e00417f48b214c17774a524fef2debb88e44

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/520ced525c9c0d9a7b6d90ba7269ffbc2cc44ff4...5885e00417f48b214c17774a524fef2debb88e44
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to