Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f66397d8 by Salvatore Bonaccorso at 2023-08-17T20:04:22+02:00
Update information on CVE-2021-21439
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -189548,10 +189548,9 @@ CVE-2021-21439 (DoS attack can be performed when an
email contains specially des
- otrs2 6.0.32-5 (bug #989992)
[buster] - otrs2 <no-dsa> (Non-free not supported)
[stretch] - otrs2 <no-dsa> (Non-free not supported)
+ - znuny <not-affected> (Fixed before initial upload to Debian)
NOTE: https://otrs.com/release-notes/otrs-security-advisory-2021-09/
NOTE: Fixed by:
https://github.com/znuny/Znuny/commit/b67e43f73dbb3c029504a082c7807677ed091d23
(znuny 6.0.33)
- NOTE: Reference is for OTRS, no reference for znuny yet (in bullseye
- NOTE: src:otrs2 is the znuny fork)
CVE-2021-21438 (Agents are able to see linked FAQ articles without permissions
(define ...)
NOT-FOR-US: OTRS FAQ addon (and OTRS 7 which is proprietary)
CVE-2021-21437 (Agents are able to see linked Config Items without
permissions, which ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f66397d8b64e601d1e5be49467337d97b562d997
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f66397d8b64e601d1e5be49467337d97b562d997
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
