[Git][security-tracker-team/security-tracker][master] Add oss-security reference for klibc issues
Salvatore Bonaccorso
carnil at debian.org
Fri Apr 30 13:12:16 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e16cd823 by Salvatore Bonaccorso at 2021-04-30T14:11:18+02:00
Add oss-security reference for klibc issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -105,18 +105,22 @@ CVE-2021-31873 (An issue was discovered in klibc before 2.0.9. Additions in the
- klibc 2.0.8-6
[buster] - klibc <no-dsa> (Minor issue; only used in initramfs and not dealing with untrusted data)
NOTE: https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=a31ae8c508fc8d1bca4f57e9f9f88127572d5202
+ NOTE: https://www.openwall.com/lists/oss-security/2021/04/30/1
CVE-2021-31872 (An issue was discovered in klibc before 2.0.9. Multiple possible integ ...)
- klibc 2.0.8-6
[buster] - klibc <no-dsa> (Minor issue; only used in initramfs and not dealing with untrusted data)
NOTE: https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=9b1c91577aef7f2e72c3aa11a27749160bd278ff
+ NOTE: https://www.openwall.com/lists/oss-security/2021/04/30/1
CVE-2021-31871 (An issue was discovered in klibc before 2.0.9. An integer overflow in ...)
- klibc 2.0.8-6
[buster] - klibc <no-dsa> (Minor issue; only used in initramfs and not dealing with untrusted data)
NOTE: https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=2e48a12ab1e30d43498c2d53e878a11a1b5102d5
+ NOTE: https://www.openwall.com/lists/oss-security/2021/04/30/1
CVE-2021-31870 (An issue was discovered in klibc before 2.0.9. Multiplication in the c ...)
- klibc 2.0.8-6
[buster] - klibc <no-dsa> (Minor issue; only used in initramfs and not dealing with untrusted data)
NOTE: https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=292650f04c2b5348b4efbad61fb014ed09b4f3f2
+ NOTE: https://www.openwall.com/lists/oss-security/2021/04/30/1
CVE-2020-36327 (Bundler 1.16.0 through 2.2.9 and 2.2.11 through 2.2.16 sometimes choos ...)
- bundler <unfixed>
NOTE: https://github.com/rubygems/rubygems/issues/3982
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e16cd823ed8b731b295e5ca4d9e50ecf6691f89a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e16cd823ed8b731b295e5ca4d9e50ecf6691f89a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210430/016b7261/attachment.htm>
More information about the debian-security-tracker-commits
mailing list