[Git][security-tracker-team/security-tracker][master] Update CVE-2021-3998 for stable and older

Aurelien Jarno (@aurel32) aurel32 at debian.org
Tue Apr 5 19:25:10 BST 2022 


Aurelien Jarno pushed to branch master at Debian Security Tracker / security-tracker


Commits:
78d3e64a by Aurelien Jarno at 2022-04-05T20:24:06+02:00
Update CVE-2021-3998 for stable and older

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -26193,14 +26193,15 @@ CVE-2021-3999 [Off-by-one buffer overflow/underflow in getcwd()]
 CVE-2021-3998 [Unexpected return value from realpath() for too long results]
 	RESERVED
 	- glibc 2.33-4
-	[bullseye] - glibc <no-dsa> (Minor issue)
-	[buster] - glibc <no-dsa> (Minor issue)
-	[stretch] - glibc <no-dsa> (Minor issue)
+	[bullseye] - glibc <not-affected> (Vulnerable code introduced later)
+	[buster] - glibc <not-affected> (Vulnerable code introduced later)
+	[stretch] - glibc <not-affected> (Vulnerable code introduced later)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=28770
 	NOTE: https://patchwork.sourceware.org/project/glibc/patch/20220113055920.3155918-1-siddhesh@sourceware.org/
 	NOTE: https://www.openwall.com/lists/oss-security/2022/01/24/4
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ee8d5e33adb284601c00c94687bc907e10aec9bb
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=f7a79879c0b2bef0dadd6caaaeeb0d26423e04e5
+	NOTE: introduced in 2.33 by: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c6e0b0b5b0b7922cdf0dce2af671e0c7e500df95
 CVE-2021-3997 [Uncontrolled recursion in systemd's systemd-tmpfiles]
 	RESERVED
 	- systemd 250.2-1 (bug #1003467)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/78d3e64ad036755fe3d7f40148a3c504efdee8f5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/78d3e64ad036755fe3d7f40148a3c504efdee8f5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220405/3c778ef6/attachment.htm>

More information about the debian-security-tracker-commits mailing list