[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2021-22207/wireshark postponed in stretch

Emilio Pozuelo Monfort pochu at debian.org
Fri May 7 12:26:42 BST 2021 


Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c810bed1 by Emilio Pozuelo Monfort at 2021-05-07T12:59:33+02:00
CVE-2021-22207/wireshark postponed in stretch

- - - - -
596fe319 by Emilio Pozuelo Monfort at 2021-05-07T13:23:37+02:00
CVE-2020-12272/opendmarc: link to fixing commit

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -23734,6 +23734,7 @@ CVE-2021-22207 (Excessive memory consumption in MS-WSP dissector in Wireshark 3.
 	- wireshark <unfixed> (bug #987853)
 	[bullseye] - wireshark <postponed> (Minor issue, can be fixed along in future update)
 	[buster] - wireshark <postponed> (Minor issue, can be fixed along in future update)
+	[stretch] - wireshark <postponed> (Minor issue, can be fixed along in future update)
 	NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17331
 	NOTE: https://gitlab.com/wireshark/wireshark/-/commit/b7a0650e061b5418ab4a8f72c6e4b00317aff623
 	NOTE: https://www.wireshark.org/security/wnpa-sec-2021-04.html
@@ -76922,6 +76923,7 @@ CVE-2020-12272 (OpenDMARC through 1.3.2 and 1.4.x allows attacks that inject aut
 	[buster] - opendmarc <no-dsa> (Minor issue)
 	NOTE: https://sourceforge.net/p/opendmarc/tickets/237/
 	NOTE: https://www.usenix.org/system/files/sec20fall_chen-jianjun_prepub_0.pdf
+	NOTE: Fix: https://github.com/trusteddomainproject/OpenDMARC/commit/f3a9a9d4edfaa05102292727d021683f58aa4b6e
 CVE-2020-12271 (A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 bef ...)
 	NOT-FOR-US: SFOS
 CVE-2020-12270 (** DISPUTED ** React Native Bluetooth Scan in Bluezone 1.0.0 uses six- ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6406a6f65b19215fd78f95c84ef8d1efe2d25b9a...596fe3197b45f78ab0064e50d88d35762dcd843d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6406a6f65b19215fd78f95c84ef8d1efe2d25b9a...596fe3197b45f78ab0064e50d88d35762dcd843d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210507/4b37849b/attachment.htm>

More information about the debian-security-tracker-commits mailing list