Add CVE-2021-399{5,6}/util-linux

author: Salvatore Bonaccorso <carnil@debian.org> 2022-01-24 12:18:09 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-01-24 12:18:09 +0100
commit: e3abe3b3e984b2394e52c4361e3e2711dfbe2b69 (patch)
tree: e8a5ac382e8b6f480e7bb6564f543706bb69aab2
parent: b45f853ebce4e8ab37d3a07bb939981abfd3b875 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index d812ba7840..54c8f861e8 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -6097,8 +6097,18 @@ CVE-2021-44079 (In the wazuh-slack active response script in Wazuh 4.2.x before
 	NOT-FOR-US: Wazuh
 CVE-2021-3996
 	RESERVED
+	- util-linux <unfixed>
+	[buster] - util-linux <not-affected> (Vulnerable code introduced later)
+	[stretch] - util-linux <not-affected> (Vulnerable code introduced later)
+	NOTE: Introduced by: https://github.com/util-linux/util-linux/commit/5fea669e9ef0a08804f72bb40f859f239f68c30a (v2.34-rc1)
+	NOTE: https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
 CVE-2021-3995
 	RESERVED
+	- util-linux <unfixed>
+	[buster] - util-linux <not-affected> (Vulnerable code introduced later)
+	[stretch] - util-linux <not-affected> (Vulnerable code introduced later)
+	NOTE: Introduced by: https://github.com/util-linux/util-linux/commit/5fea669e9ef0a08804f72bb40f859f239f68c30a (v2.34-rc1)
+	NOTE: https://mirrors.edge.kernel.org/pub/linux/utils/util-linux/v2.37/v2.37.3-ReleaseNotes
 CVE-2021-3994 (django-helpdesk is vulnerable to Improper Neutralization of Input Duri ...)
 	NOT-FOR-US: django-helpdesk
 CVE-2021-3993 (showdoc is vulnerable to Cross-Site Request Forgery (CSRF) ...)
author	Salvatore Bonaccorso <carnil@debian.org>	2022-01-24 12:18:09 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-01-24 12:18:09 +0100
commit	e3abe3b3e984b2394e52c4361e3e2711dfbe2b69 (patch)
tree	e8a5ac382e8b6f480e7bb6564f543706bb69aab2
parent	b45f853ebce4e8ab37d3a07bb939981abfd3b875 (diff)