[Git][security-tracker-team/security-tracker][master] Update information CVE-2021-20277/{ldb,samba}

Wed Mar 24 18:49:23 GMT 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
641aeb16 by Salvatore Bonaccorso at 2021-03-24T19:49:01+01:00
Update information CVE-2021-20277/{ldb,samba}

The issue should be addressed in ldb primarly, samba will use the system
library. Track accordingly samba as unimportant and marked with the
upstream version including the source fix as well.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -21372,8 +21372,13 @@ CVE-2021-20278
 	NOT-FOR-US: Kiali
 CVE-2021-20277 [Out of bounds read in AD DC LDAP server]
 	RESERVED
-	- samba <unfixed>
+	- ldb <unfixed>
+	- samba <unfixed> (unimportant)
 	NOTE: https://www.samba.org/samba/security/CVE-2021-20277.html
+	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14655
+	NOTE: https://git.samba.org/?p=samba.git;a=commitdiff;h=ea4bd2c437fbb5801fb82e2a038d9cdb5abea4c0
+	NOTE: https://git.samba.org/?p=samba.git;a=commitdiff;h=1fe8c790b2294fd10fe9c9c6254ecf2b6c00b709
+	NOTE: Samba uses the System ldb library
 CVE-2021-20276 (A flaw was found in privoxy before 3.0.32. Invalid memory access with  ...)
 	{DLA-2587-1}
 	- privoxy 3.0.32-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/641aeb160ec751618b171f790c6179bafd81ff25

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/641aeb160ec751618b171f790c6179bafd81ff25
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210324/2d52a287/attachment-0001.htm>
