[Git][security-tracker-team/security-tracker][master] Add additional references for routinator from RPKI validator security issues document

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Dec 28 14:11:49 GMT 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
12907e70 by Salvatore Bonaccorso at 2021-12-28T15:11:06+01:00
Add additional references for routinator from RPKI validator security issues document

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9996,18 +9996,22 @@ CVE-2021-43174 (NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1,
 	- routinator <itp> (bug #929024)
 	- cfrpki 1.4.0-1
 	NOTE: https://www.nlnetlabs.nl/downloads/routinator/CVE-2021-43172_CVE-2021-43173_CVE-2021-43174.txt
+	NOTE: https://github.com/NLnetLabs/routinator/pull/667
 CVE-2021-43173 (In NLnet Labs Routinator prior to 0.10.2, a validation run can be dela ...)
 	- routinator <itp> (bug #929024)
 	- cfrpki 1.4.0-1
 	- fort-validator 1.5.3-1
 	- rpki-client 7.5-1
 	NOTE: https://www.nlnetlabs.nl/downloads/routinator/CVE-2021-43172_CVE-2021-43173_CVE-2021-43174.txt
+	NOTE: https://github.com/NLnetLabs/routinator/pull/666
+	NOTE: https://github.com/NLnetLabs/routinator/pull/612
 CVE-2021-43172 (NLnet Labs Routinator prior to 0.10.2 happily processes a chain of RRD ...)
 	- routinator <itp> (bug #929024)
 	- fort-validator <unfixed>
 	- cfrpki <unfixed>
 	- rpki-client 7.5-1
 	NOTE: https://www.nlnetlabs.nl/downloads/routinator/CVE-2021-43172_CVE-2021-43173_CVE-2021-43174.txt
+	NOTE: https://github.com/NLnetLabs/routinator/pull/665
 CVE-2021-3917
 	RESERVED
 	NOT-FOR-US: coreos-installer



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12907e70417482cba8169043f68d50a608290521

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12907e70417482cba8169043f68d50a608290521
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211228/1670dac3/attachment.htm>


More information about the debian-security-tracker-commits mailing list