[Git][security-tracker-team/security-tracker][master] Add CVE-2021-21707/php*
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Nov 27 08:04:52 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d1b610b4 by Salvatore Bonaccorso at 2021-11-27T09:04:17+01:00
Add CVE-2021-21707/php*
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -58247,8 +58247,16 @@ CVE-2021-21709
RESERVED
CVE-2021-21708
RESERVED
-CVE-2021-21707
+CVE-2021-21707 [special character is breaking the path in xml function]
RESERVED
+ - php8.1 8.1.0-1
+ - php8.0 <unfixed>
+ - php7.4 <removed>
+ - php7.3 <removed>
+ - php7.0 <removed>
+ NOTE: Fixed in 8.1.0, 8.0.13, 7.4.26, 7.3.33
+ NOTE: PHP Bug: https://bugs.php.net/79971
+ NOTE: https://github.com/php/php-src/commit/f15f8fc573eb38c3c73e23e0930063a6f6409ed4
CVE-2021-21706 (In PHP versions 7.3.x below 7.3.31, 7.4.x below 7.4.24 and 8.0.x below ...)
- php8.0 <not-affected> (Windows specific issue)
- php7.4 <not-affected> (Windows specific issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d1b610b4c24e99a2d7518616c53bde9a5af4f592
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d1b610b4c24e99a2d7518616c53bde9a5af4f592
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211127/a0a7aed7/attachment.htm>
More information about the debian-security-tracker-commits
mailing list