[Git][security-tracker-team/security-tracker][master] Drop not-affected status for CVE-2021-2292{2,3}

Tue, 27 Dec 2022 22:15:16 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
60fcd0b7 by Salvatore Bonaccorso at 2022-12-28T07:13:49+01:00
Drop not-affected status for CVE-2021-2292{2,3}

Source is affected as the issues are present since 7.27.0. But as we do
not built with metalink support up to in all suites the issues are
already marked as unimportant.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -142739,8 +142739,6 @@ CVE-2021-22924 (libcurl keeps previously used 
connections in a connection pool f
        NOTE: https://www.openwall.com/lists/oss-security/2021/07/21/3
 CVE-2021-22923 (When curl is instructed to get content using the metalink 
feature, and ...)
        - curl 7.79.1-1 (unimportant)
-       [buster] - curl <not-affected> (curl is not built with metalink support)
-       [bullseye] - curl <not-affected> (curl is not built with metalink 
support)
        NOTE: https://curl.se/docs/CVE-2021-22923.html
        NOTE: https://www.openwall.com/lists/oss-security/2021/07/21/2
        NOTE: The fix for earlier versions is to rebuild curl with the metalink 
support
@@ -142748,8 +142746,6 @@ CVE-2021-22923 (When curl is instructed to get 
content using the metalink featur
        NOTE: Metalink support not enabled in Debian builds.
 CVE-2021-22922 (When curl is instructed to download content using the metalink 
feature ...)
        - curl 7.79.1-1 (unimportant)
-       [buster] - curl <not-affected> (curl is not built with metalink support)
-       [bullseye] - curl <not-affected> (curl is not built with metalink 
support)
        NOTE: https://curl.se/docs/CVE-2021-22922.html
        NOTE: https://www.openwall.com/lists/oss-security/2021/07/21/1
        NOTE: The fix for earlier versions is to rebuild curl with the metalink 
support



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/60fcd0b78852da81345b8949c7cd8206597983d4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/60fcd0b78852da81345b8949c7cd8206597983d4
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to