[Git][security-tracker-team/security-tracker][master] Add CVE-2021-32693/symfony

Fri Jun 18 21:29:20 BST 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f5451989 by Salvatore Bonaccorso at 2021-06-18T22:28:53+02:00
Add CVE-2021-32693/symfony

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5272,7 +5272,10 @@ CVE-2021-32695 (Nextcloud Android app is the Android client for Nextcloud. In ve
 CVE-2021-32694 (Nextcloud Android app is the Android client for Nextcloud. In versions ...)
 	TODO: check
 CVE-2021-32693 (Symfony is a PHP framework for web and console applications and a set  ...)
-	TODO: check
+	- symfony <not-affected> (Vulnerable code not present)
+	NOTE: https://github.com/symfony/symfony/security/advisories/GHSA-rfcf-m67m-jcrq
+	NOTE: Fixed by: https://github.com/symfony/symfony/commit/3084764ad82f29dbb025df19978b9cbc3ab34728 (v5.3.2)
+	NOTE: https://symfony.com/blog/cve-2021-32693-authentication-granted-to-all-firewalls-instead-of-just-one
 CVE-2021-32692
 	RESERVED
 CVE-2021-32691 (Apollos Apps is an open source platform for launching church-related a ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f545198901aef06664f3809a9720912ca71bf738

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f545198901aef06664f3809a9720912ca71bf738
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210618/dd569d75/attachment.htm>
