[Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2022-21648 as not-affected for stretch

Utkarsh Gupta (@utkarsh) utkarsh at debian.org
Mon Jan 10 14:38:09 GMT 2022 


Utkarsh Gupta pushed to branch master at Debian Security Tracker / security-tracker


Commits:
17dcdd7a by Utkarsh Gupta at 2022-01-10T20:06:35+05:30
Mark CVE-2022-21648 as not-affected for stretch

- - - - -
7d10b1a5 by Utkarsh Gupta at 2022-01-10T20:07:15+05:30
Mark CVE-2021-23803/php-nette as not-affected for stretch

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8589,6 +8589,7 @@ CVE-2022-21649 (Convos is an open source multi-user chat that runs in a web brow
 	NOT-FOR-US: Convos
 CVE-2022-21648 (Latte is an open source template engine for PHP. Versions since 2.8.0  ...)
 	- php-nette <removed>
+	[stretch] - php-nette <not-affected> (Sandbox first appeared in Latte 2.8.0 so older versions are not affected.)
 	NOTE: https://github.com/nette/latte/security/advisories/GHSA-36m2-8rhx-f36j
 	NOTE: https://github.com/nette/latte/commit/9e1b4f7d70f7a9c3fa6753ffa7d7e450a3d4abb0
 CVE-2022-21647 (CodeIgniter is an open source PHP full-stack web framework. Deserializ ...)
@@ -61454,6 +61455,7 @@ CVE-2021-23804
 	RESERVED
 CVE-2021-23803 (This affects the package latte/latte before 2.10.6. There is a way to  ...)
 	- php-nette <removed>
+	[stretch] - php-nette <not-affected> (Sandbox first appeared in Latte 2.8.0 so older versions are not affected.)
 	NOTE: https://github.com/nette/latte/commit/227c86eda9a8a6d060ea8501923e768b6d992210
 	NOTE: https://github.com/nette/latte/issues/279
 CVE-2021-23802



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9c9cf5b03a1af15ef1f5f6f5deab4b99a34ef020...7d10b1a5244670fea45200f17e6fd10ff5fe96ea

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9c9cf5b03a1af15ef1f5f6f5deab4b99a34ef020...7d10b1a5244670fea45200f17e6fd10ff5fe96ea
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220110/c7ceb679/attachment.htm>

More information about the debian-security-tracker-commits mailing list