[Git][security-tracker-team/security-tracker][master] Add CVE-2021-39272/fetchmail

Fri Aug 27 14:13:32 BST 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5c701612 by Salvatore Bonaccorso at 2021-08-27T15:12:57+02:00
Add CVE-2021-39272/fetchmail

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1887,8 +1887,10 @@ CVE-2021-39274 (In XeroSecurity Sn1per 9.0 (free version), insecure directory pe
 	NOT-FOR-US: XeroSecurity Sn1per
 CVE-2021-39273 (In XeroSecurity Sn1per 9.0 (free version), insecure permissions (0777) ...)
 	NOT-FOR-US: XeroSecurity Sn1per
-CVE-2021-39272
+CVE-2021-39272 [TLS bypass vulnerabilities ("NO STARTTLS")]
 	RESERVED
+	- fetchmail <unfixed>
+	NOTE: https://www.fetchmail.info/fetchmail-SA-2021-02.txt
 CVE-2021-39271
 	RESERVED
 CVE-2021-39270 (In Ping Identity RSA SecurID Integration Kit before 3.2, user imperson ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c70161298c77194b44378080e3225ec946795c3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5c70161298c77194b44378080e3225ec946795c3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210827/46ab4156/attachment.htm>
