[Git][security-tracker-team/security-tracker][master] Mark three CVEs for wolfssl as no-dsa

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Mar 16 21:27:34 GMT 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5f244a3d by Salvatore Bonaccorso at 2022-03-16T22:27:14+01:00
Mark three CVEs for wolfssl as no-dsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4154,6 +4154,7 @@ CVE-2022-25641
 	RESERVED
 CVE-2022-25640 (In wolfSSL before 5.2.0, a TLS 1.3 server cannot properly enforce a re ...)
 	- wolfssl 5.2.0-1
+	[bullseye] - wolfssl <no-dsa> (Minor issue; can be fixed via point release)
 	NOTE: https://github.com/wolfSSL/wolfssl/pull/4831
 	NOTE: https://github.com/wolfSSL/wolfssl/commit/3cdb1c639da94a9dc8c75590d0ec475e7f27c226 (v5.2.0-stable)
 	NOTE: https://github.com/wolfSSL/wolfssl/commit/b60d2dccce9110fd2b985d99063e524e39bdf6f7 (v5.2.0-stable)
@@ -4161,6 +4162,7 @@ CVE-2022-25639
 	RESERVED
 CVE-2022-25638 (In wolfSSL before 5.2.0, certificate validation may be bypassed during ...)
 	- wolfssl 5.2.0-1
+	[bullseye] - wolfssl <no-dsa> (Minor issue; can be fixed via point release)
 	NOTE: https://github.com/wolfSSL/wolfssl/pull/4813
 	NOTE: https://github.com/wolfSSL/wolfssl/commit/e13861bcde8015bb99ddb034224afb66e2fb89b8 (v5.2.0-stable)
 	NOTE: https://github.com/wolfSSL/wolfssl/commit/08047b2d959ee5e21a4a2c672308f45fec61f059 (v5.2.0-stable)
@@ -70174,6 +70176,7 @@ CVE-2021-3337 (The Hide-Thread-Content plugin through 2021-01-27 for MyBB allows
 	NOT-FOR-US: MyBB
 CVE-2021-3336 (DoTls13CertificateVerify in tls13.c in wolfSSL before 4.7.0 does not c ...)
 	- wolfssl 4.6.0-3
+	[bullseye] - wolfssl <no-dsa> (Minor issue; can be fixed via point release)
 	NOTE: https://github.com/wolfSSL/wolfssl/pull/3676
 CVE-2021-26308 (An issue was discovered in the marc crate before 2.0.0 for Rust. A use ...)
 	NOT-FOR-US: Rust marc



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5f244a3d34321d85dfafa0d0f7a63cef64ccb676

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5f244a3d34321d85dfafa0d0f7a63cef64ccb676
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220316/6f627389/attachment.htm>

More information about the debian-security-tracker-commits mailing list