[Git][security-tracker-team/security-tracker][master] Update tracking information for CVE-2021-2792{1,2,3}/pillow

Salvatore Bonaccorso carnil at debian.org
Tue Mar 9 08:20:47 GMT 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
76599329 by Salvatore Bonaccorso at 2021-03-09T09:20:20+01:00
Update tracking information for CVE-2021-2792{1,2,3}/pillow

Those got fixed only in 8.1.2 upstream and so are unrelated to the
8.1.1 upload (MITRE CNA refrences the 8.1.1 release notes, but this
 might be wrong, but is consistent with the description).

No commit references are given (yet), so those need to be researched.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -382,14 +382,17 @@ CVE-2021-27925
 CVE-2021-27924
 	RESERVED
 CVE-2021-27923 (Pillow before 8.1.1 allows attackers to cause a denial of service (mem ...)
-	- pillow 8.1.1-1
+	- pillow 8.1.2-1
 	[buster] - pillow <ignored> (Minor issue)
+	NOTE: https://pillow.readthedocs.io/en/stable/releasenotes/8.1.2.html
 CVE-2021-27922 (Pillow before 8.1.1 allows attackers to cause a denial of service (mem ...)
-	- pillow 8.1.1-1
+	- pillow 8.1.2-1
 	[buster] - pillow <ignored> (Minor issue)
+	NOTE: https://pillow.readthedocs.io/en/stable/releasenotes/8.1.2.html
 CVE-2021-27921 (Pillow before 8.1.1 allows attackers to cause a denial of service (mem ...)
-	- pillow 8.1.1-1
+	- pillow 8.1.2-1
 	[buster] - pillow <ignored> (Minor issue)
+	NOTE: https://pillow.readthedocs.io/en/stable/releasenotes/8.1.2.html
 CVE-2021-27920
 	RESERVED
 CVE-2021-27919



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7659932970aad622cbc8c708f3d903a506e84de2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7659932970aad622cbc8c708f3d903a506e84de2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210309/3ddcf5bb/attachment.htm>

More information about the debian-security-tracker-commits mailing list