[Git][security-tracker-team/security-tracker][master] CVE-2021-33037,CVE-2021-30640,tomcat9: Fixed in unstable
Markus Koschany (@apo)
apo at debian.org
Sat Aug 7 16:05:42 BST 2021
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e8cf6597 by Markus Koschany at 2021-08-07T17:05:09+02:00
CVE-2021-33037,CVE-2021-30640,tomcat9: Fixed in unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11607,7 +11607,7 @@ CVE-2021-33038 (An issue was discovered in management/commands/hyperkitty_import
NOTE: https://techblog.wikimedia.org/2021/06/11/discovering-and-fixing-cve-2021-33038-in-mailman3/
CVE-2021-33037 (Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5 ...)
{DLA-2733-1}
- - tomcat9 <unfixed> (bug #991046)
+ - tomcat9 9.0.43-2 (bug #991046)
- tomcat8 <removed>
NOTE: https://github.com/apache/tomcat/commit/45d70a86a901cbd534f8f570bed2aec9f7f7b88e (9.0.47)
NOTE: https://github.com/apache/tomcat/commit/05f9e8b00f5d9251fcd3c95dcfd6cf84177f46c8 (9.0.47)
@@ -17581,7 +17581,7 @@ CVE-2021-30641 (Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching
NOTE: https://github.com/apache/httpd/commit/eb986059aa5aa0b6c1d52714ea83e3dd758afdd1
CVE-2021-30640 (A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker ...)
{DLA-2733-1}
- - tomcat9 <unfixed> (bug #991046)
+ - tomcat9 9.0.43-2 (bug #991046)
- tomcat8 <removed>
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=65224
NOTE: https://github.com/apache/tomcat/commit/c4df8d44a959a937d507d15e5b1ca35c3dbc41eb (9.0.46)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e8cf65975716da1df2e7c76cc961baf4455db46a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e8cf65975716da1df2e7c76cc961baf4455db46a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210807/91f328a7/attachment.htm>
More information about the debian-security-tracker-commits
mailing list