[Git][security-tracker-team/security-tracker][master] CVE-2021-42374/busybox: stretch not-affected

Sylvain Beucler (@beuc) beuc at debian.org
Fri Nov 12 18:42:08 GMT 2021



Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f86b2440 by Sylvain Beucler at 2021-11-12T19:41:40+01:00
CVE-2021-42374/busybox: stretch not-affected

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4829,8 +4829,11 @@ CVE-2021-42375
 CVE-2021-42374
 	RESERVED
 	- busybox <unfixed> (unimportant; bug #999567)
+	[stretch] - busybox <not-affected> (Vulnerable code introduced later)
 	NOTE: https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
 	NOTE: Crash in CLI tool, no security impact
+	NOTE: Introduced by https://git.busybox.net/busybox/commit/?id=3989e5adf454a3ab98412b249c2c9bd2a3175ae0 (1_27_0)
+	NOTE: https://git.busybox.net/busybox/commit/?id=04f052c56ded5ab6a904e3a264a73dc0412b2e78
 CVE-2021-42373
 	RESERVED
 	- busybox <unfixed> (unimportant; bug #999567)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f86b2440cc889ccf25a75e566a398ca6c091b916

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f86b2440cc889ccf25a75e566a398ca6c091b916
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211112/49b06058/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list