[Git][security-tracker-team/security-tracker][master] Add CVE-2021-22931/nodejs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a5f341c6 by Salvatore Bonaccorso at 2021-08-14T09:32:52+02:00
Add CVE-2021-22931/nodejs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -37594,8 +37594,11 @@ CVE-2021-22933
 	RESERVED
 CVE-2021-22932
 	RESERVED
-CVE-2021-22931
+CVE-2021-22931 [cares upgrade - Improper handling of untypical characters in domain names]
 	RESERVED
+	- nodejs <undetermined>
+	NOTE: https://nodejs.org/en/blog/vulnerability/aug-2021-security-releases/#cares-upgrade-improper-handling-of-untypical-characters-in-domain-names-high-cve-2021-22931
+	TODO: check, nodejfs uses system c-ares which fixed CVE-2021-3672 and so this entry might be not-affected
 CVE-2021-22930 [Use after free on close http2 on stream canceling]
 	RESERVED
 	- nodejs 12.22.4~dfsg-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a5f341c630e89339606d8587ecee89e5913d00a1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a5f341c630e89339606d8587ecee89e5913d00a1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210814/f8d19efa/attachment.htm>