<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">

<title>

GitLab

</title>

<style>img {

max-width: 100%; height: auto;

}

</style>

</head>

<body>

<div class="content">

<h3>

Salvatore Bonaccorso pushed to branch master

at <a href="https://salsa.debian.org/security-tracker-team/security-tracker">Debian Security Tracker / security-tracker</a>

</h3>

<h4>

Commits:

</h4>

<ul>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f7b35090e4a721dda77fe050c07f682a93b71bc2">f7b35090</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2021-05-22T14:47:54+02:00</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Revert "mark CVE-2021-21419 as not-affected for Buster"

This reverts commit dc893f404583c840bf069f9f02c4a67e369ed524.

The issue is/might still present in the no compression support case (but

in this case less likely to be possible to exploited).

Details in https://github.com/eventlet/eventlet/commit/1412f5e4125b4313f815778a1acb4d3336efcd07#commitcomment-51161227

GHSA-9p9m-jm8w-94p2 as well mentions affected versions to include those

which have not compression or per message deflate extension support.

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/753324dd72823297064f02b83d5976a746df0d9d">753324dd</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2021-05-22T14:50:48+02:00</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Mark CVE-2021-21419/python-eventlet as no-dsa for buster

</pre>

</li>

</ul>

<h4>1 changed file:</h4>

<ul>

<li class="file-stats">

<a href="#4716ef5aa8f2742228ba3b3633215c8b808565e3">

data/CVE/list

</a>

</li>

</ul>

<h4>Changes:</h4>

<li id="4716ef5aa8f2742228ba3b3633215c8b808565e3">

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/dc893f404583c840bf069f9f02c4a67e369ed524...753324dd72823297064f02b83d5976a746df0d9d#4716ef5aa8f2742228ba3b3633215c8b808565e3"><strong>data/CVE/list</strong></a>

<hr>

No preview for this file type

<br>

</li>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #666;">

—

<br>

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/dc893f404583c840bf069f9f02c4a67e369ed524...753324dd72823297064f02b83d5976a746df0d9d">View it on GitLab</a>.

<br>

You're receiving this email because of your account on salsa.debian.org.

If you'd like to receive fewer emails, you can

adjust your notification settings.

</p>

</div>

</body>

</html>