[Git][security-tracker-team/security-tracker][master] Update trackng for CVE-2011-412{4,5,6}

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Nov 1 20:09:49 GMT 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4c83da5c by Salvatore Bonaccorso at 2021-11-01T21:09:33+01:00
Update trackng for CVE-2011-412{4,5,6}

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -422613,14 +422613,20 @@ CVE-2011-4127 (The Linux kernel before 3.2.2 does not properly restrict SG_IO io
 	- libguestfs 1:1.14.8-1
 	- linux-2.6 <removed>
 CVE-2011-4126 (Race condition issues were found in Calibre at devices/linux_mount_hel ...)
-	- calibre 0.6.54+dfsg-1 (bug #584915)
-	NOTE: Vulnerable code removed upstream at version 1.10, removed by Debian packaging prior to that.
+	- calibre 1.5.0+dfsg-1 (bug #584915)
+	NOTE: Vulnerable code removed upstream at version 1.4.0
+	NOTE: https://github.com/kovidgoyal/calibre/commit/7d54d25844efebfb3d6de2bb2b9af77dbf72d8b8 (v1.4.0)
+	NOTE: Removed by Debian packaging in 0.6.54+dfsg-1.
 CVE-2011-4125 (A untrusted search path issue was found in Calibre at devices/linux_mo ...)
-	- calibre 0.6.54+dfsg-1 (bug #584915)
-	NOTE: Vulnerable code removed upstream at version 1.10, removed by Debian packaging prior to that.
+	- calibre 1.5.0+dfsg-1 (bug #584915)
+	NOTE: Vulnerable code removed upstream at version 1.4.0
+	NOTE: https://github.com/kovidgoyal/calibre/commit/7d54d25844efebfb3d6de2bb2b9af77dbf72d8b8 (v1.4.0)
+	NOTE: Removed by Debian packaging in 0.6.54+dfsg-1.
 CVE-2011-4124 (Input validation issues were found in Calibre at devices/linux_mount_h ...)
-	- calibre 0.6.54+dfsg-1 (bug #584915)
-	NOTE: Vulnerable code removed upstream at version 1.10, removed by Debian packaging prior to that.
+	- calibre 1.5.0+dfsg-1 (bug #584915)
+	NOTE: Vulnerable code removed upstream at version 1.4.0
+	NOTE: https://github.com/kovidgoyal/calibre/commit/7d54d25844efebfb3d6de2bb2b9af77dbf72d8b8 (v1.4.0)
+	NOTE: Removed by Debian packaging in 0.6.54+dfsg-1.
 CVE-2011-4123
 	REJECTED
 CVE-2011-4122 (Directory traversal vulnerability in openpam_configure.c in OpenPAM be ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4c83da5c02ba451f27cbcb0c68fbcbbdab4b567c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4c83da5c02ba451f27cbcb0c68fbcbbdab4b567c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211101/abbe1e7d/attachment.htm>


More information about the debian-security-tracker-commits mailing list