[Git][security-tracker-team/security-tracker][master] Update information on CVE-2021-21439

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f66397d8 by Salvatore Bonaccorso at 2023-08-17T20:04:22+02:00
Update information on CVE-2021-21439

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -189548,10 +189548,9 @@ CVE-2021-21439 (DoS attack can be performed when an email contains specially des
 	- otrs2 6.0.32-5 (bug #989992)
 	[buster] - otrs2 <no-dsa> (Non-free not supported)
 	[stretch] - otrs2 <no-dsa> (Non-free not supported)
+	- znuny <not-affected> (Fixed before initial upload to Debian)
 	NOTE: https://otrs.com/release-notes/otrs-security-advisory-2021-09/
 	NOTE: Fixed by: https://github.com/znuny/Znuny/commit/b67e43f73dbb3c029504a082c7807677ed091d23 (znuny 6.0.33)
-	NOTE: Reference is for OTRS, no reference for znuny yet (in bullseye
-	NOTE: src:otrs2 is the znuny fork)
 CVE-2021-21438 (Agents are able to see linked FAQ articles without permissions (define ...)
 	NOT-FOR-US: OTRS FAQ addon (and OTRS 7 which is proprietary)
 CVE-2021-21437 (Agents are able to see linked Config Items without permissions, which  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f66397d8b64e601d1e5be49467337d97b562d997

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f66397d8b64e601d1e5be49467337d97b562d997
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230817/69adba78/attachment.htm>