[Git][security-tracker-team/security-tracker][master] Update information on CVE-2021-33054/sogo
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jun 4 22:01:26 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
58d2c6dd by Salvatore Bonaccorso at 2021-06-04T22:53:04+02:00
Update information on CVE-2021-33054/sogo
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1803,7 +1803,8 @@ CVE-2021-33054 (SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not
NOTE: https://blogs.akamai.com/2021/06/saml-implementation-vulnerability-impacting-some-akamai-services.html
NOTE: https://blogs.akamai.com/2021/06/akamai-eaa-impersonation-vulnerability---a-deep-dive.html
NOTE: https://blogs.akamai.com/2021/06/sogo-and-packetfence-impacted-by-saml-implementation-vulnerabilities.html
- NOTE: https://github.com/inverse-inc/sogo/commit/e53636564680ac0df11ec898304bc442908ba746 (SOGo-5.1.1)
+ NOTE: Introduced by: https://github.com/inverse-inc/sogo/commit/5487f34b9ee9b9639e3f1d4a7abf4fad2d240d66 (SOGo-2.0.5)
+ NOTE: Fixed by: https://github.com/inverse-inc/sogo/commit/e53636564680ac0df11ec898304bc442908ba746 (SOGo-5.1.1)
NOTE: CVE is assigned for the SOGo vulnerability regarding the lasso usage.
CVE-2021-33053
RESERVED
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58d2c6dd00ac0cb6ab010d55a77ee07d2ddda9bd
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58d2c6dd00ac0cb6ab010d55a77ee07d2ddda9bd
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210604/67aa8a04/attachment.htm>
More information about the debian-security-tracker-commits
mailing list