[Git][security-tracker-team/security-tracker][master] Add some tracking notes for CVE-2021-35331
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Jul 5 21:41:37 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3ea13498 by Salvatore Bonaccorso at 2021-07-05T22:41:22+02:00
Add some tracking notes for CVE-2021-35331
The issue itself is disputed in its (security) significance and was
marked already disupted in the CVE feed. Still add the references and
only track tcl8.6 with unimportant severity. Various other sources would
include the file as well.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1854,7 +1854,13 @@ CVE-2021-35333
CVE-2021-35332
RESERVED
CVE-2021-35331 (** DISPUTED ** In Tcl 8.6.11, a format string vulnerability in nmakehl ...)
- TODO: check
+ - tcl8.6 <unfixed> (unimportant)
+ NOTE: https://core.tcl-lang.org/tcl/info/28ef6c0c741408a2
+ NOTE: https://core.tcl-lang.org/tcl/info/bad6cc213dfe8280
+ NOTE: https://github.com/tcltk/tcl/commit/4705dbdde2f32ff90420765cd93e7ac71d81a222
+ NOTE: https://sqlite.org/forum/info/7dcd751996c93ec9
+ NOTE: Various other sources would embedd a copy as well, but the security impact of
+ NOTE: the issue tself for tcl is disputed in its significance.
CVE-2021-35330
RESERVED
CVE-2021-35329
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ea13498fd19fb804959c385472a513cb494e7d0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ea13498fd19fb804959c385472a513cb494e7d0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210705/5fb0e99e/attachment.htm>
More information about the debian-security-tracker-commits
mailing list