[Git][security-tracker-team/security-tracker][master] Update notes for CVE-2021-3502

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
00c78f5b by Salvatore Bonaccorso at 2021-08-09T21:15:06+02:00
Update notes for CVE-2021-3502

CVE-2021-36217 is marked (will be updated soon in the feed) as REJECTED,
it is a duplicate of CVE-2021-3502, which MITRE is going to retain.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4647,14 +4647,8 @@ CVE-2021-36219
 	RESERVED
 CVE-2021-36218
 	RESERVED
-CVE-2021-36217 (Avahi 0.8 allows a local denial of service (NULL pointer dereference a ...)
-	- avahi <unfixed> (bug #990900)
-	[bullseye] - avahi <no-dsa> (Minor issue)
-	[buster] - avahi <not-affected> (Vulnerable code introduced later)
-	[stretch] - avahi <not-affected> (Vulnerable code introduced later)
-	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1188083
-	NOTE: Fixed by: https://github.com/lathiat/avahi/commit/9d31939e55280a733d930b15ac9e4dda4497680c
-	NOTE: Introduced by: https://github.com/lathiat/avahi/commit/8f75a045709a780c8cf92a6a21e9d35b593bdecd (v0.8)
+CVE-2021-36217
+	REJECTED
 CVE-2021-36216
 	RESERVED
 CVE-2021-36215
@@ -16176,6 +16170,7 @@ CVE-2021-3502 (A flaw was found in avahi 0.8-5. A reachable assertion is present
 	[buster] - avahi <not-affected> (Vulnerable code introduced later)
 	[stretch] - avahi <not-affected> (Vulnerable code introduced later)
 	NOTE: https://github.com/lathiat/avahi/issues/338
+	NOTE: Fixed by: https://github.com/lathiat/avahi/commit/9d31939e55280a733d930b15ac9e4dda4497680c
 	NOTE: Introduced by: https://github.com/lathiat/avahi/commit/80c98fa16782e921f5b5d5c880f1d80f5c43bd49 (v0.8)
 CVE-2021-3500 (A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in  ...)
 	{DLA-2667-1}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/00c78f5baa695400efa184b78b220712d118532f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/00c78f5baa695400efa184b78b220712d118532f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210809/90af0bce/attachment.htm>