Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
729d1bec by Salvatore Bonaccorso at 2022-01-19T21:46:50+01:00
Add CVE-2021-3391{2,3}/libspf2
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -38449,9 +38449,19 @@ CVE-2021-33915
CVE-2021-33914
RESERVED
CVE-2021-33913 (libspf2 before 1.2.11 has a heap-based buffer overflow that
might allo ...)
- TODO: check
+ - libspf2 1.2.10-7.1
+ [bullseye] - libspf2 1.2.10-7.1~deb11u1
+ [buster] - libspf2 1.2.10-7.1~deb10u1
+ NOTE: https://nathanielbennett.com/blog/libspf2-cve-jan-2022-disclosure
+ NOTE: https://github.com/shevek/libspf2/pull/35
+ NOTE:
https://github.com/shevek/libspf2/commit/f06fef6cede4c4cb42f2c617496e6041782d7070
CVE-2021-33912 (libspf2 before 1.2.11 has a four-byte heap-based buffer
overflow that ...)
- TODO: check
+ - libspf2 1.2.10-7.1
+ [bullseye] - libspf2 1.2.10-7.1~deb11u1
+ [buster] - libspf2 1.2.10-7.1~deb10u1
+ NOTE: https://nathanielbennett.com/blog/libspf2-cve-jan-2022-disclosure
+ NOTE: https://github.com/shevek/libspf2/pull/35
+ NOTE:
https://github.com/shevek/libspf2/commit/28faf4624a6a371b11afdb9820078d3b0ee3803d
CVE-2021-33911 (Zoho ManageEngine ADManager Plus before 7110 allows remote
code execut ...)
NOT-FOR-US: Zoho
CVE-2021-33910 (basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5,
and 249.1 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/729d1bec07c617061562765761420edd20d32740
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/729d1bec07c617061562765761420edd20d32740
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
