[Git][security-tracker-team/security-tracker][master] 2 commits: Revert "Marke CVE-2021-44917 as not-affected in buster"

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Dec 25 19:39:50 GMT 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d6e2005b by Salvatore Bonaccorso at 2021-12-25T20:37:42+01:00
Revert "Marke CVE-2021-44917 as not-affected in buster"

This reverts commit 9769c3ba5c5c6526d6e840dd8d51004c5c247068.

Not reproducible is not a reason for not-affected primarily, but was the
commit intended for stretch?

- - - - -
1111ee04 by Salvatore Bonaccorso at 2021-12-25T20:38:37+01:00
Track fixed version via unstable for CVE-2021-44917/gnuplot

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2340,8 +2340,7 @@ CVE-2021-44918 (A Null Pointer Dereference vulnerability exists in gpac 1.1.0 in
 	NOTE: https://github.com/gpac/gpac/issues/1968
 	NOTE: https://github.com/gpac/gpac/commit/75474199cf7187868fa4be4e76377db3c659ee9a
 CVE-2021-44917 (A Divide by Zero vulnerability exists in gnuplot 5.4 in the boundary3d ...)
-	- gnuplot <unfixed> (unimportant; bug #1002539)
-	[buster] - gnuplot <not-affected> (Vulnerable code not present, bug not reproducible)
+	- gnuplot 5.4.2+dfsg2-2 (unimportant; bug #1002539)
 	NOTE: https://sourceforge.net/p/gnuplot/bugs/2474/
 	NOTE: https://sourceforge.net/p/gnuplot/gnuplot-main/ci/8938dfc937348f1d4e7b3d6ef6d44209b1d89473/ (master)
 	NOTE: https://sourceforge.net/p/gnuplot/gnuplot-main/ci/acab14de21e323254507fca85f964e471258ac82/ (master)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9769c3ba5c5c6526d6e840dd8d51004c5c247068...1111ee049e279a8967d302447711b8aa2f43fdc4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9769c3ba5c5c6526d6e840dd8d51004c5c247068...1111ee049e279a8967d302447711b8aa2f43fdc4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211225/07f7aaaa/attachment.htm>

More information about the debian-security-tracker-commits mailing list