[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2021-38084: Add upstream tag information for future reference

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
de9f5c35 by Salvatore Bonaccorso at 2021-08-06T19:56:08+02:00
CVE-2021-38084: Add upstream tag information for future reference

- - - - -
3cbe7331 by Salvatore Bonaccorso at 2021-08-06T19:56:09+02:00
Remove notes for CVE-2021-31291

This is actually a duplicate of CVE-2021-29457. MITRE will update the
records and REJECT CVE-2021-31291. As this will happen on next feed
update, remove already all references.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -154,7 +154,7 @@ CVE-2021-38084 (An issue was discovered in the POP3 component of Courier Mail Se
 	- courier <unfixed> (bug #989375)
 	NOTE: https://sourceforge.net/p/courier/mailman/courier-imap/thread/cone.1382574216.483027.8082.1000%40monster.email-scan.com/#msg31555583
 	NOTE: https://sourceforge.net/p/courier/mailman/message/37329216/
-	NOTE: https://sourceforge.net/p/courier/courier-libs.git/ci/97ed62b17a2616c758d09105b5a14dd1038cff6f/
+	NOTE: https://sourceforge.net/p/courier/courier-libs.git/ci/97ed62b17a2616c758d09105b5a14dd1038cff6f/ (1.1.5)
 CVE-2021-38083
 	RESERVED
 CVE-2021-38082
@@ -16007,10 +16007,8 @@ CVE-2021-31292 (An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allo
 	NOTE: https://github.com/Exiv2/exiv2/issues/1530
 	NOTE: https://github.com/Exiv2/exiv2/commit/9b7a19f957af53304655ed1efe32253a1b11a8d0
 	NOTE: In older releases affected code is in src/crwimage.cpp
-CVE-2021-31291 (A heap-based buffer overflow vulnerability in jp2image.cpp of Exiv2 0. ...)
-	- exiv2 <unfixed> (bug #991705)
-	NOTE: https://github.com/Exiv2/exiv2/issues/1529
-	NOTE: https://github.com/Exiv2/exiv2/commit/0230620e6ea5e2da0911318e07ce6e66d1ebdf22
+CVE-2021-31291
+	REJECTED
 CVE-2021-31290
 	RESERVED
 CVE-2021-31289



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/64321b6eaed807f2f33b3d851ec57bc7dfd1dd08...3cbe7331bfcc4896e67fd3067bdd6b8b65f114fe

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/64321b6eaed807f2f33b3d851ec57bc7dfd1dd08...3cbe7331bfcc4896e67fd3067bdd6b8b65f114fe
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210806/1a738500/attachment.htm>