Mark CVE-2021-43617 as no-dsa

author: Salvatore Bonaccorso <carnil@debian.org> 2022-01-02 15:44:04 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-01-02 15:44:04 +0100
commit: 208be140b248916a718c25c71f2373dbc2e4156b (patch)
tree: cb295cdd8ede8ffd48ca57c950f31b72d7eb139d
parent: 181a966ceba9e663659532072ab482994dbed543 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index e52a30a678..6bffa2d346 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -5937,6 +5937,7 @@ CVE-2021-43618 (GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 ha
 	NOTE: https://gmplib.org/repo/gmp-6.2/rev/561a9c25298e
 CVE-2021-43617 (Laravel Framework through 8.70.2 does not sufficiently block the uploa ...)
 	- php-laravel-framework 6.20.14+dfsg-3
+	[bullseye] - php-laravel-framework <no-dsa> (Can be fixed via point release)
 	NOTE: https://hosein-vita.medium.com/laravel-8-x-image-upload-bypass-zero-day-852bd806019b
 CVE-2021-3957 (kimai2 is vulnerable to Cross-Site Request Forgery (CSRF) ...)
 	NOT-FOR-US: kimai2
author	Salvatore Bonaccorso <carnil@debian.org>	2022-01-02 15:44:04 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-01-02 15:44:04 +0100
commit	208be140b248916a718c25c71f2373dbc2e4156b (patch)
tree	cb295cdd8ede8ffd48ca57c950f31b72d7eb139d
parent	181a966ceba9e663659532072ab482994dbed543 (diff)