[Git][security-tracker-team/security-tracker][master] change not-affected to no-dsa for CVE-2021-21419 in Stretch
Thorsten Alteholz (@alteholz)
alteholz at debian.org
Sat May 22 14:39:26 BST 2021
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bcc3b939 by Thorsten Alteholz at 2021-05-22T15:37:03+02:00
change not-affected to no-dsa for CVE-2021-21419 in Stretch
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -29315,7 +29315,7 @@ CVE-2021-21420 (vscode-stripe is an extension for Visual Studio Code. A vulnerab
CVE-2021-21419 (Eventlet is a concurrent networking library for Python. A websocket pe ...)
- python-eventlet 0.26.1-7 (bug #988342)
[buster] - python-eventlet <no-dsa> (Minor issue)
- [stretch] - python-eventlet <not-affected> (Vulnerable code (compression extension) introduced later)
+ [stretch] - python-eventlet <no-dsa> (Minor issue)
NOTE: https://github.com/eventlet/eventlet/security/advisories/GHSA-9p9m-jm8w-94p2
NOTE: Fixed by: https://github.com/eventlet/eventlet/commit/1412f5e4125b4313f815778a1acb4d3336efcd07
NOTE: Issue present as well in versions before introduction of per-message-defalte extension
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bcc3b939f1548c1f4e80680d5c66d407b3cd76b3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bcc3b939f1548c1f4e80680d5c66d407b3cd76b3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210522/89f964d8/attachment.htm>
More information about the debian-security-tracker-commits
mailing list