[Git][security-tracker-team/security-tracker][master] new openldap issue

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Jun 8 16:08:33 BST 2021



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6d749219 by Moritz Muehlenhoff at 2021-06-08T17:08:17+02:00
new openldap issue
NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -46442,7 +46442,6 @@ CVE-2020-27637 (The R programming language’s default package manager CRAN
 	[buster] - r-base <no-dsa> (Minor issue)
 	[stretch] - r-base <no-dsa> (Minor issue)
 	NOTE: https://labs.bishopfox.com/advisories/cran-version-4.0.2
-	TODO: check details
 CVE-2020-27636
 	RESERVED
 CVE-2020-27635
@@ -62817,7 +62816,11 @@ CVE-2020-20180
 CVE-2020-20179
 	RESERVED
 CVE-2020-20178 (A flaw was found in OpenLDAP. This flaw allows an attacker who can sen ...)
-	TODO: check, confusing CVE, description refers to OpenLDAP whilst referenced RH bug refers to CVE-2021-20178, MITRE contacted
+	- openldap <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1928774
+	NOTE: https://bugs.openldap.org/show_bug.cgi?id=9454
+	NOTE: https://git.openldap.org/openldap/openldap/-/commit/3539fc33212b528c56b716584f2c2994af7c30b0
+	NOTE: https://git.openldap.org/openldap/openldap/-/commit/9badb73425a67768c09bcaed1a9c26c684af6c30
 CVE-2020-20177
 	RESERVED
 CVE-2020-20176
@@ -66392,7 +66395,7 @@ CVE-2020-18397
 CVE-2020-18396
 	RESERVED
 CVE-2020-18395 (A NULL-pointer deference issue was discovered in GNU_gama::set() in el ...)
-	TODO: check
+	NOT-FOR-US: GNU Gama
 CVE-2020-18394
 	RESERVED
 CVE-2020-18393



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6d749219ef91dd4e23f34efebe6c046aee09b5df

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6d749219ef91dd4e23f34efebe6c046aee09b5df
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210608/9f7e6c78/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list