[Git][security-tracker-team/security-tracker][master] Add workaround entry for libzstd for stretch
Utkarsh Gupta
utkarsh at debian.org
Sat Feb 20 17:29:22 GMT 2021
Utkarsh Gupta pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7b11c04a by Utkarsh Gupta at 2021-02-20T22:59:00+05:30
Add workaround entry for libzstd for stretch
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1452,10 +1452,12 @@ CVE-2021-26910 (Firejail before 0.9.64.4 allows attackers to bypass intended acc
CVE-2021-XXXX [zstd allows for race-opening files being compressed or uncompressed]
- libzstd 1.4.8+dfsg-2 (bug #982519)
[buster] - libzstd 1.3.8+dfsg-3+deb10u2
+ [stretch] - libzstd 1.1.2-1+deb9u1
NOTE: https://github.com/facebook/zstd/issues/2491
CVE-2019-XXXX [zstd adds read permissions to files while being compressed or uncompressed]
- libzstd 1.4.8+dfsg-1 (bug #981404)
[buster] - libzstd 1.3.8+dfsg-3+deb10u1
+ [stretch] - libzstd 1.1.2-1+deb9u1
NOTE: https://github.com/facebook/zstd/issues/1630
CVE-2021-26852
RESERVED
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7b11c04a3eac5134cac58c60a51c7b8ed9ec909c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7b11c04a3eac5134cac58c60a51c7b8ed9ec909c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210220/7e2db72b/attachment.htm>
More information about the debian-security-tracker-commits
mailing list