Update 3 old CVEs for calibre - code removed

Prior to 1.10, Debian packaging removed the vulnerable code (described in bug #584915), it was then removed upstream.
author: Neil Williams <codehelp@debian.org> 2021-11-01 11:34:56 +0000
committer: Neil Williams <codehelp@debian.org> 2021-11-01 11:34:56 +0000
commit: 6ce9803c5edeed34d0bbd43f6f9cfef3cd115b9b (patch)
tree: af14a6c4fab738a051066b83e40cc80d42c24d4b
parent: 59e58404ef2cf9933f124ca38e12d7af5166140a (diff)
1 files changed, 6 insertions, 3 deletions
diff --git a/data/CVE/2011.list b/data/CVE/2011.list
index 51b09714e5..4747a73489 100644
--- a/data/CVE/2011.list
+++ b/data/CVE/2011.list
@@ -2787,11 +2787,14 @@ CVE-2011-4127 (The Linux kernel before 3.2.2 does not properly restrict SG_IO io
 	- libguestfs 1:1.14.8-1
 	- linux-2.6 <removed>
 CVE-2011-4126 (Race condition issues were found in Calibre at devices/linux_mount_hel ...)
-	TODO: check
+	- calibre 0.6.54+dfsg-1 (bug #584915)
+	NOTE: Vulnerable code removed upstream at version 1.10, removed by Debian packaging prior to that.
 CVE-2011-4125 (A untrusted search path issue was found in Calibre at devices/linux_mo ...)
-	TODO: check
+	- calibre 0.6.54+dfsg-1 (bug #584915)
+	NOTE: Vulnerable code removed upstream at version 1.10, removed by Debian packaging prior to that.
 CVE-2011-4124 (Input validation issues were found in Calibre at devices/linux_mount_h ...)
-	TODO: check
+	- calibre 0.6.54+dfsg-1 (bug #584915)
+	NOTE: Vulnerable code removed upstream at version 1.10, removed by Debian packaging prior to that.
 CVE-2011-4123
 	REJECTED
 CVE-2011-4122 (Directory traversal vulnerability in openpam_configure.c in OpenPAM be ...)
author	Neil Williams <codehelp@debian.org>	2021-11-01 11:34:56 +0000
committer	Neil Williams <codehelp@debian.org>	2021-11-01 11:34:56 +0000
commit	6ce9803c5edeed34d0bbd43f6f9cfef3cd115b9b (patch)
tree	af14a6c4fab738a051066b83e40cc80d42c24d4b
parent	59e58404ef2cf9933f124ca38e12d7af5166140a (diff)