diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-03-05 09:15:22 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-03-05 09:15:22 +0100 |
commit | 9bc8cff482cdec3d1f2298048f60a4de029bf297 (patch) | |
tree | 0ee8eae33fa5ac5ae4fb48bf0d2309564eaa4f3d /data/CVE/2021.list | |
parent | 97055a343e59d2620590deb48794acb4253f25fc (diff) |
Do not track CVE-2021-24032 for DLA-2573-1
The CVE was assigned for an incomplete fix (which affected indeed
unstable and buster, but for stretch the issue in CVE-2021-24031 was in
one go fixed with the correct fix without opening CVE-2021-24032).
Adjust tracking to reflect the situation in the supported suites.
Diffstat (limited to 'data/CVE/2021.list')
-rw-r--r-- | data/CVE/2021.list | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 11eeca9c2f..09a7875983 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -2395,8 +2395,9 @@ CVE-2021-26910 (Firejail before 0.9.64.4 allows attackers to bypass intended acc NOTE: https://unparalleled.eu/publications/2021/advisory-unpar-2021-0.txt NOTE: https://unparalleled.eu/blog/2021/20210208-rigged-race-against-firejail-for-local-root/ CVE-2021-24032 (Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for ...) - {DSA-4859-1 DLA-2573-1} + {DSA-4859-1} - libzstd 1.4.8+dfsg-2 (bug #982519) + [stretch] - libzstd <not-affected> (Incomplete fix for CVE-2021-24031 not applied) NOTE: https://github.com/facebook/zstd/issues/2491 CVE-2021-24031 (In the Zstandard command-line utility prior to v1.4.1, output files we ...) {DSA-4850-1 DLA-2573-1} |