[Git][security-tracker-team/security-tracker][master] 2 commits: Track fixed version for CVE-2013-0340/expat via unstable

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f6762517 by Salvatore Bonaccorso at 2021-12-18T09:54:10+01:00
Track fixed version for CVE-2013-0340/expat via unstable

- - - - -
416125ba by Salvatore Bonaccorso at 2021-12-18T09:55:11+01:00
Add reference to filled Debian bug for CVE-2013-0340/expat

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -410871,7 +410871,7 @@ CVE-2013-0341 [external entity expansion]
 	REJECTED
 CVE-2013-0340 (expat 2.1.0 and earlier does not properly handle entities expansion un ...)
 	[experimental] - expat 2.4.1-1
-	- expat <unfixed> (unimportant)
+	- expat 2.4.1-2 (unimportant; bug #1001864)
 	NOTE: Expat provides API to mitigate expansion attacks, ultimately under control of the app using Expat
 	NOTE: https://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-0340.html
 CVE-2013-0339 (libxml2 through 2.9.1 does not properly handle external entities expan ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/e8bb92f535453a83e58b68c0ff6536e500b9d831...416125ba7d10f0b46e634b60452fb5ec13d341cb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/e8bb92f535453a83e58b68c0ff6536e500b9d831...416125ba7d10f0b46e634b60452fb5ec13d341cb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211218/e5f336d3/attachment.htm>