[Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-27840/{ldb,samba}

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8444f78e by Salvatore Bonaccorso at 2021-03-24T19:53:06+01:00
Update information for CVE-2020-27840/{ldb,samba}

See reasoning in 641aeb160ec7 ("Update information
CVE-2021-20277/{ldb,samba}").

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -32215,8 +32215,14 @@ CVE-2020-27841 (There's a flaw in openjpeg in versions prior to 2.4.0 in src/lib
 	NOTE: https://github.com/rouault/openjpeg/commit/00383e162ae2f8fc951f5745bf1011771acb8dce  (v2.4.0)
 CVE-2020-27840 [Heap corruption via crafted DN strings]
 	RESERVED
-	- samba <unfixed>
+	- ldb <unfixed>
+	- samba <unfixed> (unimportant)
 	NOTE: https://www.samba.org/samba/security/CVE-2020-27840.html
+	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14595
+	NOTE: https://git.samba.org/?p=samba.git;a=commitdiff;h=1996b79f376b459bb964a6344ca5f264e7d6e2ec
+	NOTE: https://git.samba.org/?p=samba.git;a=commitdiff;h=dbb3e65f7e382adf5fa6a6afb3d8684aca3f201a
+	NOTE: https://git.samba.org/?p=samba.git;a=commitdiff;h=9532c44baea130db74f866e1472cb871936cd3dd
+	NOTE: Samba uses the System ldb library
 CVE-2020-27839
 	RESERVED
 	- ceph <unfixed> (bug #985670)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8444f78e919667968ceee4f4e387c297fa9ee882

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8444f78e919667968ceee4f4e387c297fa9ee882
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210324/d6718ea9/attachment.htm>