Update status for CVE-2021-30535/icu

author: Salvatore Bonaccorso <carnil@debian.org> 2021-11-25 06:15:55 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-11-25 06:15:55 +0100
commit: e9a96ae3b2653643346dfe1d7228bdb23d38107b (patch)
tree: 4a65d719290405fa6656b31f39102087aeadddb4
parent: e382de7b7f385d3e81d8caf51054c562bca3cb34 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 9d8f890357..11431af7d9 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -32438,10 +32438,13 @@ CVE-2021-30535 (Double free in ICU in Google Chrome prior to 91.0.4472.77 allowe
 	- chromium 93.0.4577.82-1 (bug #990079)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 	- icu 67.1-7
+	[buster] - icu <not-affected> (Vulnerable code introduced later)
 	[stretch] - icu <not-affected> (Vulnerable code not present)
 	NOTE: https://bugs.chromium.org/p/chromium/issues/detail?id=1194899 (restricted)
 	NOTE: Bugfix: https://github.com/unicode-org/icu/pull/1698/commits/e450fa50fc242282551f56b941dc93b9a8a0bcbb
 	NOTE: Backports: https://chromium-review.googlesource.com/c/chromium/deps/icu/+/2842864
+	NOTE: Introduced by: https://github.com/unicode-org/icu/commit/596647c0c34bf19d90d7c90d4f3827876fef688f (release-66-preview)
+	NOTE: Fixed by: https://github.com/unicode-org/icu/commit/2dc5bea9061b4fb05cd03e21b775dd944a0eb81d
 CVE-2021-30534 (Insufficient policy enforcement in iFrameSandbox in Google Chrome prio ...)
 	- chromium 93.0.4577.82-1 (bug #990079)
 	[stretch] - chromium <end-of-life> (see DSA 4562)
author	Salvatore Bonaccorso <carnil@debian.org>	2021-11-25 06:15:55 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-11-25 06:15:55 +0100
commit	e9a96ae3b2653643346dfe1d7228bdb23d38107b (patch)
tree	4a65d719290405fa6656b31f39102087aeadddb4
parent	e382de7b7f385d3e81d8caf51054c562bca3cb34 (diff)