[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-43400/bluez
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Dec 19 07:53:25 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8f2f23a4 by Salvatore Bonaccorso at 2021-12-19T08:50:58+01:00
Track fixed version for CVE-2021-43400/bluez
Note to reviewers: The second CVE mentioned in the changes is actually
no fixed, so do not rack CVE-2021-41229 yet to fixed in 5.62-1. Asked
maintainer to double-check.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5905,7 +5905,7 @@ CVE-2021-3929 [nvme: DMA reentrancy issue leads to use-after-free]
NOTE: https://gitlab.com/qemu-project/qemu/-/issues/556
NOTE: Proposed patchset: https://lists.nongnu.org/archive/html/qemu-devel/2021-08/msg03692.html
CVE-2021-43400 (An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after- ...)
- - bluez <unfixed> (bug #998626)
+ - bluez 5.62-1 (bug #998626)
[bullseye] - bluez <no-dsa> (Minor issue; can be fixed in point release)
[buster] - bluez <no-dsa> (Minor issue; can be fixed in point release)
[stretch] - bluez <ignored> (invasive patch, requires post-stretch revamps)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8f2f23a407c7467a895c2f329303e95ce425f10d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8f2f23a407c7467a895c2f329303e95ce425f10d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211219/da353532/attachment.htm>
More information about the debian-security-tracker-commits
mailing list