[Git][security-tracker-team/security-tracker][master] Resolve CVE-2021-3284{0-2}/mono not-affected - vulnerable code not yet uploaded

Fri, 11 Feb 2022 06:39:34 -0800 


Neil Williams pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
6d8a2700 by Neil Williams at 2022-02-11T14:39:11+00:00
Resolve CVE-2021-3284{0-2}/mono not-affected - vulnerable code not yet uploaded

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -46530,17 +46530,19 @@ CVE-2021-32844
 CVE-2021-32843
        RESERVED
 CVE-2021-32842 (SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 
library. Starti ...)
-       - mono <undetermined>
+       - mono <not-affected> (Vulnerable code not yet uploaded)
        NOTE: 
https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/
-       TODO: recheck, as mono's ships SharpZipLib in 
mcs/class/ICSharpCode.SharpZipLib
+       NOTE: 
https://github.com/icsharpcode/SharpZipLib/commit/5c3b293de5d65b108e7f2cd0ea8f81c1b8273f78
 (v1.3.3)
 CVE-2021-32841 (SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 
library. Starti ...)
-       - mono <undetermined>
+       - mono <not-affected> (Vulnerable code not yet uploaded)
        NOTE: 
https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/
-       TODO: recheck, as mono's ships SharpZipLib in 
mcs/class/ICSharpCode.SharpZipLib
+       NOTE: 
https://github.com/icsharpcode/SharpZipLib/commit/5c3b293de5d65b108e7f2cd0ea8f81c1b8273f78
 (v1.3.3)
 CVE-2021-32840 (SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 
library. Prior  ...)
-       - mono <undetermined>
+       - mono <not-affected> (Vulnerable code not yet uploaded)
        NOTE: 
https://securitylab.github.com/advisories/GHSL-2021-125-sharpziplib/
-       TODO: recheck, as mono's ships SharpZipLib in 
mcs/class/ICSharpCode.SharpZipLib
+       NOTE: 
https://github.com/icsharpcode/SharpZipLib/commit/5c3b293de5d65b108e7f2cd0ea8f81c1b8273f78
 (v1.3.3)
+       NOTE: CVE refers to the commit for the test case:
+       NOTE: 
https://github.com/icsharpcode/SharpZipLib/commit/a0e96de70b5264f4c919b09253b1522bc7a221cc
 CVE-2021-32839 (sqlparse is a non-validating SQL parser module for Python. In 
sqlparse ...)
        - sqlparse 0.4.2-1 (bug #994841)
        [bullseye] - sqlparse <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6d8a2700b69f7891a92a092362df3e5dbf28d1e2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6d8a2700b69f7891a92a092362df3e5dbf28d1e2
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to