diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-03-01 09:03:10 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-03-01 09:03:10 +0100 |
commit | a93a0cc763ab7edb8110d2a56864dcfcdfb95ccb (patch) | |
tree | 0629489fbc9de5502fab450529638a10ee771f87 | |
parent | 45dc42284d40f14be498a962f9f7e33bb394d332 (diff) |
Track status for CVE-2021-3349
This is disputed on GNOME Evolution side, and defered completely by
upsream to GnuPG. Though the reporter claims that GnuPG aleady provides
what would be needed to fix (additionally) in evolution.
-rw-r--r-- | data/CVE/2021.list | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 0c901d024a..f42f44a28e 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -2829,7 +2829,13 @@ CVE-2021-3351 CVE-2021-3350 (deleteaccount.php in the Delete Account plugin 1.4 for MyBB allows XSS ...) NOT-FOR-US: Delete Account plugin for MyBB CVE-2021-3349 (** DISPUTED ** GNOME Evolution through 3.38.3 produces a "Valid signat ...) - TODO: check + - evolution <unfixed> (unimportant) + NOTE: GNOME Evlolution upstreams claims that the issue should be fixed completely + NOTE: on the GnuPG side, whilst the reporter claims theat GnuPG provides what is + NOTE: needed to adress it on evolution's side. + NOTE: https://dev.gnupg.org/T4735 + NOTE: https://gitlab.gnome.org/GNOME/evolution/-/issues/299 + NOTE: https://mgorny.pl/articles/evolution-uid-trust-extrapolation.html CVE-2021-26538 RESERVED CVE-2021-26537 |