[Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2021-3770 as not-affected in stretch

Anton Gladky (@gladk) gladk at debian.org
Sun Jan 9 20:04:47 GMT 2022 


Anton Gladky pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4948c340 by Anton Gladky at 2022-01-09T21:04:33+01:00
Mark CVE-2021-3770 as not-affected in stretch

- - - - -
0b379a11 by Anton Gladky at 2022-01-09T21:04:33+01:00
LTS: status update

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -20030,7 +20030,7 @@ CVE-2021-3770 (vim is vulnerable to Heap-based Buffer Overflow ...)
 	- vim 2:8.2.3455-1 (bug #994076)
 	[bullseye] - vim 2:8.2.2434-3+deb11u1
 	[buster] - vim <no-dsa> (Minor issue)
-	[stretch] - vim <no-dsa> (Minor issue)
+	[stretch] - vim <not-affected> (Vulnerable code not present)
 	NOTE: https://huntr.dev/bounties/016ad2f2-07c1-4d14-a8ce-6eed10729365/
 	NOTE: Fixed by: https://github.com/vim/vim/commit/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9 (v8.2.3402)
 	NOTE: Followup fix for introduced memory leak: https://github.com/vim/vim/commit/2ddb89f8a94425cda1e5491efc80c1ccccb6e08e (v8.2.3403)


=====================================
data/dla-needed.txt
=====================================
@@ -19,6 +19,7 @@ ansible (Lee Garrett)
   NOTE: 20210426: https://people.debian.org/~apo/lts/ansible/
 --
 apache2 (Anton)
+  MOTW: 20220109: WIP https://salsa.debian.org/lts-team/packages/apache2 (Anton)
 --
 apng2gif
   NOTE: 20211229: CVE-2017-6960 was fixed in DLAs for wheezy and jessie
@@ -30,6 +31,7 @@ condor (Anton)
   NOTE: 20211216: full details embargoed
   NOTE: 20211227: the fix is out and now available; cf:
   NOTE: 20211227: https://github.com/htcondor/htcondor/commit/8b311dee. (utkarsh)
+  NOTE: 20220109: Prepare for upload (Anton)
 --
 debian-archive-keyring
   NOTE: https://lists.debian.org/debian-lts/2021/08/msg00037.html



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f6bf1612701684e094b80bf8d25df461d96f9b27...0b379a11e87f62a313cafc780e428fdb92714843

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/f6bf1612701684e094b80bf8d25df461d96f9b27...0b379a11e87f62a313cafc780e428fdb92714843
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220109/5403f29e/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list