[Git][security-tracker-team/security-tracker][master] Track fixed version for libsepol issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Nov 8 07:48:09 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7e234a0f by Salvatore Bonaccorso at 2021-11-08T08:47:46+01:00
Track fixed version for libsepol issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -19547,7 +19547,7 @@ CVE-2021-36089 (Grok 7.6.6 through 9.2.0 has a heap-based buffer overflow in grk
CVE-2021-36088 (Fluent Bit (aka fluent-bit) 1.7.0 through 1.7,4 has a double free in f ...)
NOT-FOR-US: Fluent Bit
CVE-2021-36087 (The CIL compiler in SELinux 3.2 has a heap-based buffer over-read in e ...)
- - libsepol <unfixed> (bug #990526)
+ - libsepol 3.3-1 (bug #990526)
[bullseye] - libsepol <no-dsa> (Minor issue)
[buster] - libsepol <no-dsa> (Minor issue)
[stretch] - libsepol <no-dsa> (Minor issue)
@@ -19555,7 +19555,7 @@ CVE-2021-36087 (The CIL compiler in SELinux 3.2 has a heap-based buffer over-rea
NOTE: https://github.com/SELinuxProject/selinux/commit/bad0a746e9f4cf260dedba5828d9645d50176aac
NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml
CVE-2021-36086 (The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_clas ...)
- - libsepol <unfixed> (bug #990526)
+ - libsepol 3.3-1 (bug #990526)
[bullseye] - libsepol <no-dsa> (Minor issue)
[buster] - libsepol <no-dsa> (Minor issue)
[stretch] - libsepol <no-dsa> (Minor issue)
@@ -19563,7 +19563,7 @@ CVE-2021-36086 (The CIL compiler in SELinux 3.2 has a use-after-free in cil_rese
NOTE: https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8
NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml
CVE-2021-36085 (The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_c ...)
- - libsepol <unfixed> (bug #990526)
+ - libsepol 3.3-1 (bug #990526)
[bullseye] - libsepol <no-dsa> (Minor issue)
[buster] - libsepol <no-dsa> (Minor issue)
[stretch] - libsepol <no-dsa> (Minor issue)
@@ -19571,7 +19571,7 @@ CVE-2021-36085 (The CIL compiler in SELinux 3.2 has a use-after-free in __cil_ve
NOTE: https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba
NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml
CVE-2021-36084 (The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_c ...)
- - libsepol <unfixed> (bug #990526)
+ - libsepol 3.3-1 (bug #990526)
[bullseye] - libsepol <no-dsa> (Minor issue)
[buster] - libsepol <no-dsa> (Minor issue)
[stretch] - libsepol <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7e234a0f3724f4baaca13606774191383105a1c5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7e234a0f3724f4baaca13606774191383105a1c5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211108/c54d5a5f/attachment.htm>
More information about the debian-security-tracker-commits
mailing list