[Git][security-tracker-team/security-tracker][master] Add CVE-2021-4189/python

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4bf5a51a by Salvatore Bonaccorso at 2022-01-01T10:33:26+01:00
Add CVE-2021-4189/python

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -203,8 +203,19 @@ CVE-2021-45919
 	RESERVED
 CVE-2021-4190 (Large loop in the Kafka dissector in Wireshark 3.6.0 allows denial of  ...)
 	TODO: check
-CVE-2021-4189
+CVE-2021-4189 [ftplib should not use the host from the PASV response]
 	RESERVED
+	- python3.10 <not-affected> (Fixed before initial upload to Debian unstable)
+	- python3.9 3.9.7-1
+	- python3.7 <removed>
+	- python3.5 <removed>
+	- python2.7 <unfixed>
+	NOTE: https://bugs.python.org/issue43285
+	NOTE: https://github.com/python/cpython/commit/0ab152c6b5d95caa2dc1a30fa96e10258b5f188e (master)
+	NOTE: https://github.com/python/cpython/commit/7dcb4baa4f0fde3aef5122a8e9f6a41853ec9335 (v3.9.3)
+	NOTE: https://github.com/python/cpython/commit/79373951b3eab585d42e0f0ab83718cbe1d0ee33 (v3.7.11)
+	NOTE: https://github.com/python/cpython/commit/4134f154ae2f621f25c5d698cc0f1748035a1b88 (v3.6.14)
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2036020
 CVE-2022-22262
 	RESERVED
 CVE-2022-0077



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4bf5a51a8154b085fd511d695acf005f0d197342

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4bf5a51a8154b085fd511d695acf005f0d197342
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220101/ee0625a9/attachment-0001.htm>