[Git][security-tracker-team/security-tracker][master] 2 commits: Add fixed version for CVE-2021-28166/mosquitto

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1e124811 by Roger A. Light at 2021-04-10T01:48:40+01:00
Add fixed version for CVE-2021-28166/mosquitto

Also update unaffected versions.

- - - - -
65b7ed56 by Salvatore Bonaccorso at 2021-04-10T08:43:26+00:00
Merge branch 'master' into 'master'

Add fixed version for CVE-2021-28166/mosquitto

See merge request security-tracker-team/security-tracker!83
- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5114,7 +5114,9 @@ CVE-2021-28168
 CVE-2021-28167
 	RESERVED
 CVE-2021-28166 (In Eclipse Mosquitto version 2.0.0 to 2.0.9, if an authenticated clien ...)
-	- mosquitto <unfixed> (bug #986701)
+	- mosquitto 2.0.10-1 (bug #986701)
+	[buster] - mosquitto <not-affected> (Vulnerable code introduced in 2.0)
+	[stretch] - mosquitto <not-affected> (Vulnerable code introduced in 2.0)
 	NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=572608
 CVE-2021-28165 (In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0. ...)
 	- jetty9 <unfixed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2a3ea879df0cfece714c81787a0ed7e18882d786...65b7ed56d981bbb01b96005bb644dba7b8a219df

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2a3ea879df0cfece714c81787a0ed7e18882d786...65b7ed56d981bbb01b96005bb644dba7b8a219df
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210410/8c58c14d/attachment.htm>