[Git][security-tracker-team/security-tracker][master] Add CVE-2021-44122/spip

Thu, 27 Jan 2022 15:04:13 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2487b866 by Salvatore Bonaccorso at 2022-01-28T00:03:25+01:00
Add CVE-2021-44122/spip

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12600,7 +12600,9 @@ CVE-2021-44123 (SPIP 4.0.0 is affected by a remote 
command execution vulnerabili
        NOTE: 
https://git.spip.net/spip/spip/commit/1cf91def15966406ddd0488cf9d1ecd1ae82d47a 
(master)
        NOTE: 
https://git.spip.net/spip/spip/commit/97e2888e9c92ad4bd68e8f80079583249714fbfa 
(v4.0.1)
 CVE-2021-44122 (SPIP 4.0.0 is affected by a Cross Site Request Forgery (CSRF) 
vulnerab ...)
-       TODO: check
+       - spip 3.2.12-1
+       NOTE: 
https://git.spip.net/spip/spip/commit/1b8e4f404c2441c15ca6540b9a6d8e50cff219db
+       NOTE: 
https://git.spip.net/spip/spip/commit/fea5b5b4507cc9c0b9e91bbfbf34fe40b0bea805 
(v3.2.12)
 CVE-2021-44121
        REJECTED
 CVE-2021-44120 (SPIP 4.0.0 is affected by a Cross Site Scripting (XSS) 
vulnerability i ...)


=====================================
data/DLA/list
=====================================
@@ -110,6 +110,7 @@
 [29 Dec 2021] DLA-2857-2 postgis - regression update
        [stretch] - postgis 2.3.1+dfsg-2+deb9u2
 [29 Dec 2021] DLA-2867-1 spip - security update
+       {CVE-2021-44122}
        [stretch] - spip 3.1.4-4~deb9u4+deb9u2
 [29 Dec 2021] DLA-2866-1 uw-imap - security update
        {CVE-2018-19518}


=====================================
data/DSA/list
=====================================
@@ -128,6 +128,7 @@
        [buster] - sogo 4.0.7-1+deb10u2
        [bullseye] - sogo 5.0.1-4+deb11u1
 [22 Dec 2021] DSA-5028-1 spip - security update
+       {CVE-2021-44122}
        [buster] - spip 3.2.4-1+deb10u5
        [bullseye] - spip 3.2.11-3+deb11u1
 [21 Dec 2021] DSA-5027-1 xorg-server - security update



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2487b8663d5d3c6cbaf2ad768ff00d6e1071753b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2487b8663d5d3c6cbaf2ad768ff00d6e1071753b
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to