[Git][security-tracker-team/security-tracker][master] prosody fixed in sid

Fri Jan 14 13:48:54 GMT 2022


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0f2d55c8 by Moritz Muehlenhoff at 2022-01-14T14:48:18+01:00
prosody fixed in sid
one more exp fix for mbedtls

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -185,7 +185,7 @@ CVE-2022-21199
 	RESERVED
 CVE-2022-0217 [Unauthenticated Remote Denial of Service Attack in the WebSocket interface]
 	RESERVED
-	- prosody <unfixed> (bug #1003696)
+	- prosody 0.11.12-1 (bug #1003696)
 	NOTE: https://prosody.im/security/advisory_20220113/
 	NOTE: Patch: https://prosody.im/security/advisory_20220113/1.patch
 	NOTE: https://www.openwall.com/lists/oss-security/2022/01/13/3
@@ -24270,6 +24270,7 @@ CVE-2020-36478 (An issue was discovered in Mbed TLS before 2.25.0 (and before 2.
 	NOTE: https://github.com/ARMmbed/mbedtls/issues/3629
 	NOTE: https://github.com/ARMmbed/mbedtls/commit/ca17ebfbc02b57e2bcb42efe64a5f2002c756ea8 (development)
 CVE-2020-36477 (An issue was discovered in Mbed TLS before 2.24.0. The verification of ...)
+	[experimental] - mbedtls 2.28.0-0.1
 	- mbedtls <unfixed>
 	[stretch] - mbedtls <not-affected> (2.4 not affected)
 	NOTE: https://github.com/ARMmbed/mbedtls/issues/3498



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0f2d55c87a3b30e58d098e82e508e29109b121a2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0f2d55c87a3b30e58d098e82e508e29109b121a2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220114/a75098c3/attachment.htm>
