Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 41adfe6f by Salvatore Bonaccorso at 2022-01-25T21:45:50+01:00 Update status for CVE-2021-23225/cacti While the MITRE entries are not too much transparent, the CVE is assigned by the Red Hat CNA. Red Hat refers for CVE-2021-23225 to https://github.com/Cacti/cacti/issues/1882 which covers a set of issues. Track CVE-2021-23225 with respect to the upstream issue #1882 and so mark it as fixed with the first unstable upload after the 1.2.0 upstream version. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -18118,11 +18118,8 @@ CVE-2021-3892 CVE-2021-26247 (As an unauthenticated remote user, visit "http://<CACTI_SERVER>/ ...) TODO: check CVE-2021-23225 (Cacti 1.1.38 allows authenticated users with User Management permissio ...) - - cacti <unfixed> - TODO: check if these are the correct commits - NOTE: https://github.com/Cacti/cacti/commit/6a945c4b4713f80d4fc63369bd5451574ebdec42 - NOTE: https://github.com/Cacti/cacti/commit/1b9620cc0492ea6f12f63f05c94fff255da8524b - NOTE: https://www.cacti.net/info/changelog + - cacti 1.2.1+ds1-1 + NOTE: https://github.com/Cacti/cacti/issues/1882 CVE-2022-0005 RESERVED CVE-2022-0004 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41adfe6ff5a19ed59d252deb1cd8a5557d0b4c3a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41adfe6ff5a19ed59d252deb1cd8a5557d0b4c3a You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
