[Git][security-tracker-team/security-tracker][master] change not-affected to no-dsa for CVE-2021-21419 in Stretch

Thorsten Alteholz (@alteholz) alteholz at debian.org
Sat May 22 14:39:26 BST 2021



Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bcc3b939 by Thorsten Alteholz at 2021-05-22T15:37:03+02:00
change not-affected to no-dsa for CVE-2021-21419 in Stretch

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -29315,7 +29315,7 @@ CVE-2021-21420 (vscode-stripe is an extension for Visual Studio Code. A vulnerab
 CVE-2021-21419 (Eventlet is a concurrent networking library for Python. A websocket pe ...)
 	- python-eventlet 0.26.1-7 (bug #988342)
 	[buster] - python-eventlet <no-dsa> (Minor issue)
-	[stretch] - python-eventlet <not-affected> (Vulnerable code (compression extension) introduced later)
+	[stretch] - python-eventlet <no-dsa> (Minor issue)
 	NOTE: https://github.com/eventlet/eventlet/security/advisories/GHSA-9p9m-jm8w-94p2
 	NOTE: Fixed by: https://github.com/eventlet/eventlet/commit/1412f5e4125b4313f815778a1acb4d3336efcd07
 	NOTE: Issue present as well in versions before introduction of per-message-defalte extension



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bcc3b939f1548c1f4e80680d5c66d407b3cd76b3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bcc3b939f1548c1f4e80680d5c66d407b3cd76b3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210522/89f964d8/attachment.htm>


More information about the debian-security-tracker-commits mailing list