[Git][security-tracker-team/security-tracker][master] Add CVE-2021-3409 assigned by Red Hat
Salvatore Bonaccorso
carnil at debian.org
Fri Feb 12 15:32:45 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7c99ec4a by Salvatore Bonaccorso at 2021-02-12T16:32:12+01:00
Add CVE-2021-3409 assigned by Red Hat
The two CVEs CVE-2020-25085 and CVE-2020-17380 caused some confusion in
other distros fixes, cf.
https://bugzilla.redhat.com/show_bug.cgi?id=1862167#c11 and following
and a new CVE was assigned to cover the incomplete fix for
CVE-2020-17380/CVE-2020-25085 part.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -34255,6 +34255,9 @@ CVE-2020-25087 (Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in
NOT-FOR-US: Ecommerce-CodeIgniter-Bootstrap
CVE-2020-25086 (Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in applic ...)
NOT-FOR-US: Ecommerce-CodeIgniter-Bootstrap
+CVE-2021-3409 [sdhci: incomplete fix for CVE-2020-17380/CVE-2020-25085]
+ - qemu <unfixed>
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1928146
CVE-2020-25085 (QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue ...)
{DLA-2469-1}
- qemu 1:5.2+dfsg-1 (bug #970540)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c99ec4a9f29fc3108d7addff8c6f21c8c7555ef
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7c99ec4a9f29fc3108d7addff8c6f21c8c7555ef
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210212/a66f78b6/attachment.html>
More information about the debian-security-tracker-commits
mailing list