Guilhem Moulin pushed to branch master at Debian Security Tracker / security-tracker
Commits: 505f879c by Guilhem Moulin at 2023-10-07T18:49:49+02:00 CVE-2021-33503/python-urllib3: Versions <1.25.4 are unaffected. Per upstream advisory at https://github.com/advisories/GHSA-q2q7-5pp4-w6pg . Likely introduced in https://github.com/urllib3/urllib3/commit/5b047b645f5f93900d5e2fc31230848c25eb1f5f . - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -165855,8 +165855,8 @@ CVE-2021-33504 (Couchbase Server before 7.1.0 has Incorrect Access Control.) NOT-FOR-US: Couchbase Server CVE-2021-33503 (An issue was discovered in urllib3 before 1.26.5. When provided with a ...) - python-urllib3 1.26.5-1~exp1 (bug #989848) - [buster] - python-urllib3 <no-dsa> (Minor issue) - [stretch] - python-urllib3 <ignored> (Intrusive to backport) + [buster] - python-urllib3 <not-affected> (Vulnerable code introduced later) + [stretch] - python-urllib3 <not-affected> (Vulnerable code introduced later) NOTE: https://github.com/advisories/GHSA-q2q7-5pp4-w6pg NOTE: https://github.com/urllib3/urllib3/commit/2d4a3fee6de2fa45eb82169361918f759269b4ec CVE-2021-33502 (The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x befo ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/505f879cccf65c19953e8542097be5f0f832a288 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/505f879cccf65c19953e8542097be5f0f832a288 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
