[Git][security-tracker-team/security-tracker][master] ATS fixed in sid
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Nov 5 23:53:36 GMT 2021
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5ab9dd12 by Moritz Muehlenhoff at 2021-11-06T00:53:08+01:00
ATS fixed in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1703,7 +1703,7 @@ CVE-2015-10001 (The WP-Stats WordPress plugin before 2.52 does not have CSRF che
CVE-2021-43083
RESERVED
CVE-2021-43082 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') ...)
- - trafficserver <unfixed>
+ - trafficserver 9.1.1+ds-1
[bullseye] - trafficserver <not-affected> (Vulnerable code not present, introduced in 9.x)
[buster] - trafficserver <not-affected> (Vulnerable code not present, introduced in 9.x)
NOTE: https://www.openwall.com/lists/oss-security/2021/11/02/11
@@ -16971,19 +16971,19 @@ CVE-2021-37159 (hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel
CVE-2021-37150
RESERVED
CVE-2021-37149 (Improper Input Validation vulnerability in header parsing of Apache Tr ...)
- - trafficserver <unfixed>
+ - trafficserver 9.1.1+ds-1
NOTE: https://www.openwall.com/lists/oss-security/2021/11/02/11
NOTE: https://github.com/apache/trafficserver/pull/8458/
NOTE: https://github.com/apache/trafficserver/commit/2addc8ca71449ceac0d5b80172460ee09c938f5e (8.1.x)
NOTE: https://github.com/apache/trafficserver/commit/83c89f3d217d473ecb000b68c910c0f183c3a355 (master)
CVE-2021-37148 (Improper input validation vulnerability in header parsing of Apache Tr ...)
- - trafficserver <unfixed>
+ - trafficserver 9.1.1+ds-1
NOTE: https://www.openwall.com/lists/oss-security/2021/11/02/11
NOTE: https://github.com/apache/trafficserver/pull/8457/
NOTE: https://github.com/apache/trafficserver/commit/6e5070118a20772a30c3fccee2cf1c44f0a21fc0 (master)
NOTE: https://github.com/apache/trafficserver/commit/e2c9ac217f24dc3e91ff2c9f52b52093e8fb32d5 (8.1.x)
CVE-2021-37147 (Improper input validation vulnerability in header parsing of Apache Tr ...)
- - trafficserver <unfixed>
+ - trafficserver 9.1.1+ds-1
NOTE: https://www.openwall.com/lists/oss-security/2021/11/02/11
NOTE: https://github.com/apache/trafficserver/commit/64f25678bfbbd1433cce703e3c43bcc49a53de56 (master)
NOTE: https://github.com/apache/trafficserver/commit/5cad961c87cb07fbb8fa6890685d9878a169378d (8.1.x)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ab9dd12a976a1a49737ad92bd918279b154a19f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ab9dd12a976a1a49737ad92bd918279b154a19f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211105/d98368c8/attachment.htm>
More information about the debian-security-tracker-commits
mailing list