[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-16838/sssd: Mention upstream branch name.

Sun, 28 May 2023 07:08:14 -0700 


Guilhem Moulin pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
f5587213 by Guilhem Moulin at 2023-05-28T16:00:12+02:00
CVE-2018-16838/sssd: Mention upstream branch name.

- - - - -
6883d6a3 by Guilhem Moulin at 2023-05-28T16:06:54+02:00
CVE-2021-3621/sssd: Add reference to upstream commit for sssd-1-16 branch.

And mention upstream branch name for 7ab83f9.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -142232,7 +142232,8 @@ CVE-2021-3621 (A flaw was found in SSSD, where the 
sssctl command was vulnerable
        [bullseye] - sssd <no-dsa> (Minor issue)
        [buster] - sssd <no-dsa> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1975142
-       NOTE: 
https://github.com/SSSD/sssd/commit/7ab83f97e1cbefb78ece17232185bdd2985f0bbe
+       NOTE: 
https://github.com/SSSD/sssd/commit/7ab83f97e1cbefb78ece17232185bdd2985f0bbe 
(sssd-2-7)
+       NOTE: 
https://github.com/SSSD/sssd/commit/b4b32677a886bc26d60ce0171505aa3ab0c82c8a 
(sssd-1-16)
        NOTE: Introduced by 
https://github.com/SSSD/sssd/commit/e157b9f6cb370e1b94bcac2044d26ad66d640fba 
(v1.13.91)
 CVE-2021-3620 (A flaw was found in Ansible Engine's ansible-connection module, 
where  ...)
        - ansible-core 2.12.0-1
@@ -328313,7 +328314,7 @@ CVE-2018-16838 (A flaw was found in sssd Group Policy 
Objects implementation. Wh
        NOTE: seems to presuppose configuration mistake: if sssd is not given 
enough permissions
        NOTE: to read GPO, access is systematically granted instead of denied
        NOTE: https://pagure.io/SSSD/sssd/issue/3867
-       NOTE: 
https://pagure.io/SSSD/sssd/c/ad058011b6b75b15c674be46a3ae9b3cc5228175
+       NOTE: 
https://pagure.io/SSSD/sssd/c/ad058011b6b75b15c674be46a3ae9b3cc5228175 
(sssd-1-16)
 CVE-2018-16837 (Ansible "User" module leaks any data which is passed on as a 
parameter ...)
        {DSA-4396-1 DLA-1576-1}
        - ansible 2.7.1+dfsg-1 (bug #912297)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4124dfe2cae1f04d255add92ca5d40d83717a1b3...6883d6a39ab13dd85333668ae96285338af8fc38

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4124dfe2cae1f04d255add92ca5d40d83717a1b3...6883d6a39ab13dd85333668ae96285338af8fc38
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to