[Git][security-tracker-team/security-tracker][master] CVEs for haproxy assigned
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Aug 17 21:16:38 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
72775d7f by Salvatore Bonaccorso at 2021-08-17T22:16:13+02:00
CVEs for haproxy assigned
- - - - -
2 changed files:
- data/CVE/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,11 +5,21 @@ CVE-2021-39244
CVE-2021-39243
RESERVED
CVE-2021-39242 (An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.1 ...)
- TODO: check
+ - haproxy <unfixed>
+ [buster] - haproxy <not-affected> (Vulnerable code introduced later)
+ NOTE: https://www.mail-archive.com/haproxy@formilux.org/msg41041.html
+ NOTE: https://git.haproxy.org/?p=haproxy.git;a=commit;h=b5d2b9e154d78e4075db163826c5e0f6d31b2ab1
CVE-2021-39241 (An issue was discovered in HAProxy 2.0 before 2.0.24, 2.2 before 2.2.1 ...)
- TODO: check
+ - haproxy <unfixed>
+ [buster] - haproxy <not-affected> (Vulnerable code introduced later)
+ NOTE: https://www.mail-archive.com/haproxy@formilux.org/msg41041.html
+ NOTE: https://git.haproxy.org/?p=haproxy.git;a=commit;h=89265224d314a056d77d974284802c1b8a0dc97f
CVE-2021-39240 (An issue was discovered in HAProxy 2.2 before 2.2.16, 2.3 before 2.3.1 ...)
- TODO: check
+ - haproxy <unfixed>
+ [buster] - haproxy <not-affected> (Vulnerable code introduced later)
+ NOTE: https://www.mail-archive.com/haproxy@formilux.org/msg41041.html
+ NOTE: https://git.haproxy.org/?p=haproxy.git;a=commit;h=4b8852c70d8c4b7e225e24eb58258a15eb54c26e
+ NOTE: https://git.haproxy.org/?p=haproxy.git;a=commit;h=a495e0d94876c9d39763db319f609351907a31e8
CVE-2021-39239
RESERVED
CVE-2021-39238
@@ -30,11 +40,6 @@ CVE-2021-39231
RESERVED
CVE-2021-3713
RESERVED
-CVE-2021-XXXX [HTTP/2 vulnerabilities from 2.0 to 2.5-dev]
- - haproxy <unfixed>
- [bullseye] - haproxy 2.2.9-2+deb11u1
- [buster] - haproxy <not-affected> (Vulnerable code introduced later)
- NOTE: https://www.mail-archive.com/haproxy@formilux.org/msg41041.html
CVE-2021-39230
RESERVED
CVE-2021-39229
=====================================
data/DSA/list
=====================================
@@ -1,4 +1,5 @@
[17 Aug 2021] DSA-4960-1 haproxy - security update
+ {CVE-2021-39240 CVE-2021-39241 CVE-2021-39242}
[bullseye] - haproxy 2.2.9-2+deb11u1
[15 Aug 2021] DSA-4959-1 thunderbird - security update
{CVE-2021-29980 CVE-2021-29984 CVE-2021-29985 CVE-2021-29986 CVE-2021-29988 CVE-2021-29989}
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/72775d7fd782c81a06af3978aebba5c7fb1397d7
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/72775d7fd782c81a06af3978aebba5c7fb1397d7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210817/0bd47b1d/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list