[Git][security-tracker-team/security-tracker][master] Review CVE-2021-441{18,23}/spip
David Prévot (@taffit)
taffit at debian.org
Mon Jan 31 16:02:08 GMT 2022
David Prévot pushed to branch master at Debian Security Tracker / security-tracker
Commits:
39f56ffd by David Prévot at 2022-01-31T12:01:25-04:00
Review CVE-2021-441{18,23}/spip
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13214,7 +13214,8 @@ CVE-2021-44125
CVE-2021-44124
RESERVED
CVE-2021-44123 (SPIP 4.0.0 is affected by a remote command execution vulnerability. To ...)
- - spip 4.0.2-1
+ {DSA-5028-1 DLA-2867-1}
+ - spip 3.2.12-1
NOTE: https://git.spip.net/spip/spip/commit/1cf91def15966406ddd0488cf9d1ecd1ae82d47a (master)
NOTE: https://git.spip.net/spip/spip/commit/97e2888e9c92ad4bd68e8f80079583249714fbfa (v4.0.1)
CVE-2021-44122 (SPIP 4.0.0 is affected by a Cross Site Request Forgery (CSRF) vulnerab ...)
@@ -13232,7 +13233,8 @@ CVE-2021-44120 (SPIP 4.0.0 is affected by a Cross Site Scripting (XSS) vulnerabi
CVE-2021-44119
RESERVED
CVE-2021-44118 (SPIP 4.0.0 is affected by a Cross Site Scripting (XSS) vulnerability. ...)
- - spip <undetermined>
+ {DSA-5028-1 DLA-2867-1}
+ - spip 3.2.12-1
NOTE: https://git.spip.net/spip/medias/commit/13c293fabd35e2c152379522c29432423936cbba
NOTE: https://git.spip.net/spip/spip/commit/1cf91def15966406ddd0488cf9d1ecd1ae82d47a
NOTE: https://git.spip.net/spip/spip/commit/4ccf90a6912d7fab97e1bd5619770c9236cc7357
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/39f56ffd3d9c02c4fe888f6738a6f2c1e95e525e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/39f56ffd3d9c02c4fe888f6738a6f2c1e95e525e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220131/80ffcb7a/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list