[Git][security-tracker-team/security-tracker][master] Add CVE-2021-29063/mpmath

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Jun 23 07:53:29 BST 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
01b3f042 by Salvatore Bonaccorso at 2021-06-23T08:52:14+02:00
Add CVE-2021-29063/mpmath

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -14600,7 +14600,11 @@ CVE-2021-29065 (NETGEAR RBR850 devices before 3.2.10.11 are affected by authenti
 CVE-2021-29064
 	RESERVED
 CVE-2021-29063 (A Regular Expression Denial of Service (ReDOS) vulnerability was disco ...)
-	TODO: check
+	- mpmath <unfixed>
+	NOTE: https://github.com/yetingli/PoCs/blob/main/CVE-2021-29063/Mpmath.md
+	NOTE: https://github.com/fredrik-johansson/mpmath/issues/548
+	NOTE: https://github.com/fredrik-johansson/mpmath/commit/c811b37c65a4372a7ce613111d2a508c204f9833
+	NOTE: https://github.com/fredrik-johansson/mpmath/commit/2865c7d12b2a077d420427ad187eca831a48bff4
 CVE-2021-29062
 	RESERVED
 CVE-2021-29061 (A Regular Expression Denial of Service (ReDOS) vulnerability was disco ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01b3f0429ea9dd9e9785685434b740259e7c01f2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01b3f0429ea9dd9e9785685434b740259e7c01f2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210623/404f74f0/attachment.htm>


More information about the debian-security-tracker-commits mailing list