diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2021-03-03 17:18:44 +0100 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2021-03-03 17:19:28 +0100 |
| commit | 9c5aa1c7a3aa0a9747f432b00566a043316db48f (patch) | |
| tree | cbc75e5e78a9a793e9fc988b070560a42a8078eb | |
| parent | 5d30341113d54a322b7a5e48f2538c289c21056f (diff) | |
newlib issue affects picolibc
| -rw-r--r-- | data/CVE/2021.list | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 38f3825650..54bd60aa7d 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -1,8 +1,10 @@ CVE-2021-3420 RESERVED - newlib <unfixed> + - picolibc 1.5-1 + NOTE: Fix in picolibc: https://keithp.com/cgit/picolibc.git/commit/newlib/libc/stdlib/mallocr.c?id=aa106b29a6a8a1b0df9e334704292cbc32f2d44e NOTE: https://sourceware.org/git/?p=newlib-cygwin.git;a=commit;h=aa106b29a6a8a1b0df9e334704292cbc32f2d44e - TODO: check libnewlib-nano, picolibc potentially derived code, if not then the CVE does not apply + TODO: check libnewlib-nano, potentially derived code, if not then the CVE does not apply CVE-2021-27917 RESERVED CVE-2021-27916 |