[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2021-41865/nomad

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6ec57f8a by Salvatore Bonaccorso at 2021-10-11T10:20:34+02:00
Add CVE-2021-41865/nomad

- - - - -
2cb6985f by Salvatore Bonaccorso at 2021-10-11T10:20:35+02:00
Add CVE-2021-41802 as NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -655,6 +655,10 @@ CVE-2021-3853
 CVE-2021-3852
 	RESERVED
 CVE-2021-41865 (HashiCorp Nomad and Nomad Enterprise 1.1.1 through 1.1.5 allowed authe ...)
+	- nomad <undetermined>
+	NOTE: https://discuss.hashicorp.com/t/hcsec-2021-26-nomad-denial-of-service-via-submission-of-incomplete-job-specification-using-consul-mesh-gateway-host-network/30311
+	NOTE: https://github.com/hashicorp/nomad/issues/11243
+	NOTE: https://github.com/hashicorp/nomad/pull/11257
 	TODO: check
 CVE-2021-41864 (prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kern ...)
 	- linux <unfixed>
@@ -800,7 +804,7 @@ CVE-2021-41804
 CVE-2021-41803
 	RESERVED
 CVE-2021-41802 (HashiCorp Vault and Vault Enterprise through 1.7.4 and 1.8.3 allowed a ...)
-	TODO: check
+	NOT-FOR-US: HashiCorp Vault
 CVE-2021-41801
 	RESERVED
 	{DSA-4979-1}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6e5a604adeb1944a6e80e53687a35e93362d2c31...2cb6985fd73ed44a6a94b1213a1536e2c7bc9929

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/6e5a604adeb1944a6e80e53687a35e93362d2c31...2cb6985fd73ed44a6a94b1213a1536e2c7bc9929
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211011/5c083c33/attachment.htm>