[Git][security-tracker-team/security-tracker][master] Add initial tracking for CVE-2021-3670/samba

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9f632120 by Salvatore Bonaccorso at 2022-04-30T09:08:59+02:00
Add initial tracking for CVE-2021-3670/samba

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -50009,8 +50009,13 @@ CVE-2021-3671 (A null pointer de-reference was found in the way samba kerberos s
 	NOTE: Followup: https://github.com/heimdal/heimdal/commit/773802aecfb4b6a73817fa522faeb55b2a7cdb2a
 	NOTE: "Equivalent" issue for CVE-2021-37750 for the MIT krb5 vulnerability.
 	NOTE: Fixed by (Samba): https://gitlab.com/samba-team/samba/-/commit/0cb4b939f192376bf5e33637863a91a20f74c5a5
-CVE-2021-3670
+CVE-2021-3670 [MaxQueryDuration not honoured in Samba AD DC LDAP]
 	RESERVED
+	- samba <unfixed>
+	[buster] - samba <ignored> (Minor issue; affects Samba as AD DC; cf DSA 5015-1)
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2077533
+	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=14694
+	NOTE: https://gitlab.com/samba-team/samba/-/commit/86fe9d48883f87c928bf31ccbd275db420386803
 CVE-2021-37714 (jsoup is a Java library for working with HTML. Those using jsoup versi ...)
 	- jsoup 1.14.2-1 (bug #992590)
 	[bullseye] - jsoup <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9f6321200dde1609c95156282a9bc4e8633b0309

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9f6321200dde1609c95156282a9bc4e8633b0309
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220430/ffe26dfe/attachment.htm>