[Git][security-tracker-team/security-tracker][master] Update notes for CVE-2021-20291

[Neil Williams (@codehelp)]

Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
58fe2932 by Neil Williams at 2021-09-09T14:00:18+01:00
Update notes for CVE-2021-20291

golang-github-containers-buildah uses golang-github-containers-storage compression support.
docker.io already uses the same library as the fix for golang-github-containers-storage.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -50511,7 +50511,8 @@ CVE-2021-20291 (A deadlock vulnerability was found in 'github.com/containers/sto
 	[experimental] - golang-github-containers-storage 1.29.0+ds1-1
 	- golang-github-containers-storage 1.34.1+ds1-1 (bug #988942)
 	NOTE: https://github.com/containers/storage/commit/306fcabc964470e4b3b87a43a8f6b7d698209ee1
-	TODO: check golang-github-containers-buildah, docker.io
+	NOTE: golang-github-containers-buildah uses golang-github-containers-storage compression support.
+	NOTE: docker.io already uses the same library as the fix for golang-github-containers-storage.
 CVE-2021-20290
 	RESERVED
 	- foreman <itp> (bug #663101)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58fe29321a5f31da48f7384e63f99829698638a2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58fe29321a5f31da48f7384e63f99829698638a2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210909/720ff6ca/attachment.htm>