[Git][security-tracker-team/security-tracker][master] Add CVE-2021-29063/mpmath
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jun 23 07:53:29 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
01b3f042 by Salvatore Bonaccorso at 2021-06-23T08:52:14+02:00
Add CVE-2021-29063/mpmath
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -14600,7 +14600,11 @@ CVE-2021-29065 (NETGEAR RBR850 devices before 3.2.10.11 are affected by authenti
CVE-2021-29064
RESERVED
CVE-2021-29063 (A Regular Expression Denial of Service (ReDOS) vulnerability was disco ...)
- TODO: check
+ - mpmath <unfixed>
+ NOTE: https://github.com/yetingli/PoCs/blob/main/CVE-2021-29063/Mpmath.md
+ NOTE: https://github.com/fredrik-johansson/mpmath/issues/548
+ NOTE: https://github.com/fredrik-johansson/mpmath/commit/c811b37c65a4372a7ce613111d2a508c204f9833
+ NOTE: https://github.com/fredrik-johansson/mpmath/commit/2865c7d12b2a077d420427ad187eca831a48bff4
CVE-2021-29062
RESERVED
CVE-2021-29061 (A Regular Expression Denial of Service (ReDOS) vulnerability was disco ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01b3f0429ea9dd9e9785685434b740259e7c01f2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01b3f0429ea9dd9e9785685434b740259e7c01f2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210623/404f74f0/attachment.htm>
More information about the debian-security-tracker-commits
mailing list