[Git][security-tracker-team/security-tracker][master] Move source package listings before notes

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jul 20 16:27:33 BST 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1c8036cd by Salvatore Bonaccorso at 2021-07-20T15:54:18+02:00
Move source package listings before notes

Not a technical requirement, just more for reading flow.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3362,6 +3362,15 @@ CVE-2021-35475 (SAS Environment Manager 2.5 allows XSS through the Name field wh
 	NOT-FOR-US: SAS Environment Manager
 CVE-2021-3618
 	RESERVED
+	- nginx <unfixed>
+	[bullseye] - nginx <no-dsa> (Minor issue)
+	[buster] - nginx <no-dsa> (Minor issue)
+	- vsftpd <unfixed>
+	[bullseye] - vsftpd <no-dsa> (Minor issue)
+	[buster] - vsftpd <no-dsa> (Minor issue)
+	- sendmail <unfixed>
+	[bullseye] - sendmail <no-dsa> (Minor issue)
+	[buster] - sendmail <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1975623
 	NOTE: https://alpaca-attack.com/
 	NOTE: Generic TLS protocol issue, some applications have released mitigations:
@@ -3372,15 +3381,6 @@ CVE-2021-3618
 	NOTE:    * Add ssl_sni_hostname option to require a match on incoming SNI hostname.
 	NOTE: sendmail: Fixed in 3.16.1: https://marc.info/?l=sendmail-announce&m=159394546814125&w=2
 	NOTE: exim4 has config option: https://lists.exim.org/lurker/message/20210609.200324.f0e073ed.el.html
-	- nginx <unfixed>
-	[bullseye] - nginx <no-dsa> (Minor issue)
-	[buster] - nginx <no-dsa> (Minor issue)
-	- vsftpd <unfixed>
-	[bullseye] - vsftpd <no-dsa> (Minor issue)
-	[buster] - vsftpd <no-dsa> (Minor issue)
-	- sendmail <unfixed>
-	[bullseye] - sendmail <no-dsa> (Minor issue)
-	[buster] - sendmail <no-dsa> (Minor issue)
 CVE-2021-3617
 	RESERVED
 CVE-2021-3616



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c8036cde685955d7e5d56d5e94ce9cd43510828

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1c8036cde685955d7e5d56d5e94ce9cd43510828
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210720/6bbdb45a/attachment.htm>


More information about the debian-security-tracker-commits mailing list