[Git][security-tracker-team/security-tracker][master] source-wise CVE-2021-38373 only affects ksmtp

Moritz Muehlenhoff (@jmm) jmm at debian.org
Sun Jul 10 21:29:23 BST 2022 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
56d89518 by Moritz Muehlenhoff at 2022-07-10T22:28:54+02:00
source-wise CVE-2021-38373 only affects ksmtp

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -64020,11 +64020,13 @@ CVE-2021-38375 (OX App Suite through 7.10.5 allows XSS via the alt attribute of
 CVE-2021-38374 (OX App Suite through through 7.10.5 allows XSS via a crafted snippet t ...)
 	NOT-FOR-US: OX App Suite
 CVE-2021-38373 (In KDE KMail 19.12.3 (aka 5.13.3), the SMTP STARTTLS option is not hon ...)
-	- kmail <unfixed>
-	[bullseye] - kmail <no-dsa> (Minor issue)
-	[buster] - kmail <no-dsa> (Minor issue)
+	- ksmtp 21.12.3-2
+	[bullseye] - ksmtp <ignored> (Minor issue; Upstream changes change API)
+	[buster] - ksmtp <ignored> (Minor issue; Upstream changes change API)
 	NOTE: https://bugs.kde.org/show_bug.cgi?id=423423
 	NOTE: https://nostarttls.secvuln.info
+	NOTE: https://invent.kde.org/pim/ksmtp/-/commit/38a4c09427f3fdc04f9893f8eda3f6807d9a3203
+	NOTE: https://invent.kde.org/pim/ksmtp/-/commit/60f73c69758fe40a027a8e7402127d085f18545a
 CVE-2021-38372 (In KDE Trojita 0.7, man-in-the-middle attackers can create new folders ...)
 	- trojita <itp> (bug #795701)
 CVE-2021-38371 (The STARTTLS feature in Exim through 4.94.2 allows response injection  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/56d89518359d00f2b92f204666d70ce69b50078a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/56d89518359d00f2b92f204666d70ce69b50078a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220710/450bf2f7/attachment.htm>

More information about the debian-security-tracker-commits mailing list