[Git][security-tracker-team/security-tracker][master] Add upstream references for CVE-2021-340{3,4}/libytnef

Salvatore Bonaccorso carnil at debian.org
Fri Mar 5 19:32:54 GMT 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3bd39321 by Salvatore Bonaccorso at 2021-03-05T20:32:13+01:00
Add upstream references for CVE-2021-340{3,4}/libytnef

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2237,11 +2237,15 @@ CVE-2021-3404 (In ytnef 1.9.3, the SwapWord function in lib/ytnef.c allows remot
 	[buster] - libytnef <no-dsa> (Minor issue)
 	[stretch] - libytnef <no-dsa> (Minor issue)
 	NOTE: https://github.com/Yeraze/ytnef/issues/86
+	NOTE: https://github.com/Yeraze/ytnef/pull/88
+	NOTE: https://github.com/Yeraze/ytnef/commit/f9ff4a203b8c155d51a208cadadb62f224fba715
 CVE-2021-3403 (In ytnef 1.9.3, the TNEFSubjectHandler function in lib/ytnef.c allows  ...)
 	- libytnef 1.9.3-3 (bug #982594)
 	[buster] - libytnef <no-dsa> (Minor issue)
 	[stretch] - libytnef <no-dsa> (Minor issue)
 	NOTE: https://github.com/Yeraze/ytnef/issues/85
+	NOTE: https://github.com/Yeraze/ytnef/pull/87
+	NOTE: https://github.com/Yeraze/ytnef/commit/f2380a53fb84d370eaf6e6c3473062c54c57fac7
 CVE-2021-26936 (The replay-sorcery program in ReplaySorcery 0.4.0 through 0.5.0, when  ...)
 	NOT-FOR-US: ReplaySorcery
 CVE-2021-26935



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3bd3932112bc8e650444f1548349b38124d44eeb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3bd3932112bc8e650444f1548349b38124d44eeb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210305/8d907ea2/attachment.htm>


More information about the debian-security-tracker-commits mailing list