[Git][security-tracker-team/security-tracker][master] Add CVE-2021-41039/mosquitto
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Dec 2 21:10:35 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1f0a950a by Salvatore Bonaccorso at 2021-12-02T22:10:05+01:00
Add CVE-2021-41039/mosquitto
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11656,7 +11656,11 @@ CVE-2021-41041
CVE-2021-41040
RESERVED
CVE-2021-41039 (In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client conn ...)
- TODO: check
+ - mosquitto <unfixed>
+ [buster] - mosquitto <not-affected> (Vulnerable code introduced later)
+ [stretch] - mosquitto <not-affected> (Vulnerable code introduced later)
+ NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=575314
+ NOTE: Proposed fix: https://bugzillaattachments.eclipsecontent.org/bugs/attachment.cgi?id=286914
CVE-2021-41038 (In versions of the @theia/plugin-ext component of Eclipse Theia prior ...)
NOT-FOR-US: Eclipse Theia
CVE-2021-41037
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1f0a950a26d81bcaf0f2708fb827ef01bf38c8c2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1f0a950a26d81bcaf0f2708fb827ef01bf38c8c2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211202/7d8887a2/attachment.htm>
More information about the debian-security-tracker-commits
mailing list