author: Salvatore Bonaccorso <carnil@debian.org> 2021-03-02 08:05:18 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-03-02 08:05:18 +0100
commit: c0cc9a24df7b2ad044bcbdfbf2139a1d2bd5877c
tree: 9bb279e4c9be4761758879e7611916f7194083ba /data/CVE
parent: 31e60964d83127af0aec08f1e8a4e0005c55e6cf
CVE-2021-2403{1,2}/libzstd assigned
Diffstat (limited to 'data/CVE')
-rw-r--r-- data/CVE/2019.list 5
-rw-r--r-- data/CVE/2021.list 11
2 files changed, 4 insertions, 12 deletions
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 0aad652d50..bf1634dcdb 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -12,11 +12,6 @@ CVE-2019-25020 (An issue was discovered in Scytl sVote 2.1. Because the sdm-ws-r
NOT-FOR-US: Scytl sVote
CVE-2019-25019 (LimeSurvey before 4.0.0-RC4 allows SQL injection via the participant m ...)
- limesurvey <itp> (bug #472802)
-CVE-2019-XXXX [zstd adds read permissions to files while being compressed or uncompressed]
- - libzstd 1.4.8+dfsg-1 (bug #981404)
- [buster] - libzstd 1.3.8+dfsg-3+deb10u1
- [stretch] - libzstd 1.1.2-1+deb9u1
- NOTE: https://github.com/facebook/zstd/issues/1630
CVE-2019-25018 (In the rcp client in MIT krb5-appl through 1.0.3, malicious servers co ...)
- krb5-appl <removed>
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1131109
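Review bot: The entry deleted here carried per-release fixed versions (`[buster] - libzstd 1.3.8+dfsg-3+deb10u1` and `[stretch] - libzstd 1.1.2-1+deb9u1`), while the CVE-2021-24031 entry that replaces it in 2021.list records only the unstable fix `1.4.8+dfsg-1` and the upstream issue link. If the buster and stretch fixes are tracked another way once an ID is assigned, say so in the commit message; otherwise carry the two lines over to the new entry so the fixed status of those releases is not lost.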
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index e8f3ffcdb9..0f0bd6d268 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -2182,11 +2182,12 @@ CVE-2021-26910 (Firejail before 0.9.64.4 allows attackers to bypass intended acc
NOTE: Fix (disabled overlayfs): https://github.com/netblue30/firejail/commit/97d8a03cad19501f017587cc4e47d8418273834b
NOTE: https://unparalleled.eu/publications/2021/advisory-unpar-2021-0.txt
NOTE: https://unparalleled.eu/blog/2021/20210208-rigged-race-against-firejail-for-local-root/
-CVE-2021-XXXX [zstd allows for race-opening files being compressed or uncompressed]
+CVE-2021-24032 [zstd allows for race-opening files being compressed or uncompressed]
- libzstd 1.4.8+dfsg-2 (bug #982519)
- [buster] - libzstd 1.3.8+dfsg-3+deb10u2
- [stretch] - libzstd 1.1.2-1+deb9u1
NOTE: https://github.com/facebook/zstd/issues/2491
+CVE-2021-24031 [zstd adds read permissions to files while being compressed or uncompressed]
+ - libzstd 1.4.8+dfsg-1 (bug #981404)
+ NOTE: https://github.com/facebook/zstd/issues/1630
CVE-2021-26852
RESERVED
CVE-2021-26851
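Review bot: Under the renamed CVE-2021-24032 entry, the `[buster] - libzstd 1.3.8+dfsg-3+deb10u2` and `[stretch] - libzstd 1.1.2-1+deb9u1` lines are deleted (the hunk header's 11 old and 12 new lines only add up that way), yet the commit message mentions nothing beyond the assignment. The diffstat is limited to data/CVE, so it is not visible from this page whether those release versions are recorded elsewhere; either keep the two lines or state in the message why they are no longer needed.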
@@ -8535,10 +8536,6 @@ CVE-2021-24034
RESERVED
CVE-2021-24033
RESERVED
-CVE-2021-24032
- RESERVED
-CVE-2021-24031
- RESERVED
CVE-2021-24030
RESERVED
CVE-2021-24029
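Review bot: Removing the two RESERVED placeholders here leaves CVE-2021-24032 and CVE-2021-24031 only at the position of the old temporary entry, between CVE-2021-26910 and CVE-2021-26852, which is out of sequence with the descending IDs visible in both 2021.list hunks. Consider filling in the entries at this position, between CVE-2021-24033 and CVE-2021-24030, instead of deleting the placeholders, unless the list is re-sorted by tooling afterwards.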
