[Git][security-tracker-team/security-tracker][master] CVE-2021-33037,CVE-2021-30640,tomcat9: Fixed in unstable

Markus Koschany (@apo) apo at debian.org
Sat Aug 7 16:05:42 BST 2021



Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e8cf6597 by Markus Koschany at 2021-08-07T17:05:09+02:00
CVE-2021-33037,CVE-2021-30640,tomcat9: Fixed in unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11607,7 +11607,7 @@ CVE-2021-33038 (An issue was discovered in management/commands/hyperkitty_import
 	NOTE: https://techblog.wikimedia.org/2021/06/11/discovering-and-fixing-cve-2021-33038-in-mailman3/
 CVE-2021-33037 (Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5 ...)
 	{DLA-2733-1}
-	- tomcat9 <unfixed> (bug #991046)
+	- tomcat9 9.0.43-2 (bug #991046)
 	- tomcat8 <removed>
 	NOTE: https://github.com/apache/tomcat/commit/45d70a86a901cbd534f8f570bed2aec9f7f7b88e (9.0.47)
 	NOTE: https://github.com/apache/tomcat/commit/05f9e8b00f5d9251fcd3c95dcfd6cf84177f46c8 (9.0.47)
@@ -17581,7 +17581,7 @@ CVE-2021-30641 (Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching
 	NOTE: https://github.com/apache/httpd/commit/eb986059aa5aa0b6c1d52714ea83e3dd758afdd1
 CVE-2021-30640 (A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker  ...)
 	{DLA-2733-1}
-	- tomcat9 <unfixed> (bug #991046)
+	- tomcat9 9.0.43-2 (bug #991046)
 	- tomcat8 <removed>
 	NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=65224
 	NOTE: https://github.com/apache/tomcat/commit/c4df8d44a959a937d507d15e5b1ca35c3dbc41eb (9.0.46)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e8cf65975716da1df2e7c76cc961baf4455db46a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e8cf65975716da1df2e7c76cc961baf4455db46a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210807/91f328a7/attachment.htm>


More information about the debian-security-tracker-commits mailing list