[Git][security-tracker-team/security-tracker][master] Add upstram tag information for various CVEs

Sat Oct 19 15:59:58 BST 2024


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
631af936 by Salvatore Bonaccorso at 2024-10-19T16:59:27+02:00
Add upstram tag information for various CVEs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -254016,8 +254016,8 @@ CVE-2021-36087 (The CIL compiler in SELinux 3.2 has a heap-based buffer over-rea
 	[buster] - libsepol <no-dsa> (Minor issue)
 	[stretch] - libsepol <no-dsa> (Minor issue)
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32675
-	NOTE: https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521
-	NOTE: https://github.com/SELinuxProject/selinux/commit/bad0a746e9f4cf260dedba5828d9645d50176aac
+	NOTE: https://github.com/SELinuxProject/selinux/commit/340f0eb7f3673e8aacaf0a96cbfcd4d12a405521 (3.3-rc1)
+	NOTE: https://github.com/SELinuxProject/selinux/commit/bad0a746e9f4cf260dedba5828d9645d50176aac (3.3-rc1)
 	NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-585.yaml
 CVE-2021-36086 (The CIL compiler in SELinux 3.2 has a use-after-free in cil_reset_clas ...)
 	- libsepol 3.3-1 (bug #990526)
@@ -254025,7 +254025,7 @@ CVE-2021-36086 (The CIL compiler in SELinux 3.2 has a use-after-free in cil_rese
 	[buster] - libsepol <no-dsa> (Minor issue)
 	[stretch] - libsepol <no-dsa> (Minor issue)
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32177
-	NOTE: https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8
+	NOTE: https://github.com/SELinuxProject/selinux/commit/c49a8ea09501ad66e799ea41b8154b6770fec2c8 (3.3-rc1)
 	NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-536.yaml
 CVE-2021-36085 (The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_c ...)
 	- libsepol 3.3-1 (bug #990526)
@@ -254033,7 +254033,7 @@ CVE-2021-36085 (The CIL compiler in SELinux 3.2 has a use-after-free in __cil_ve
 	[buster] - libsepol <no-dsa> (Minor issue)
 	[stretch] - libsepol <no-dsa> (Minor issue)
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31124
-	NOTE: https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba
+	NOTE: https://github.com/SELinuxProject/selinux/commit/2d35fcc7e9e976a2346b1de20e54f8663e8a6cba (3.3-rc1)
 	NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-421.yaml
 CVE-2021-36084 (The CIL compiler in SELinux 3.2 has a use-after-free in __cil_verify_c ...)
 	- libsepol 3.3-1 (bug #990526)
@@ -254041,7 +254041,7 @@ CVE-2021-36084 (The CIL compiler in SELinux 3.2 has a use-after-free in __cil_ve
 	[buster] - libsepol <no-dsa> (Minor issue)
 	[stretch] - libsepol <no-dsa> (Minor issue)
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31065
-	NOTE: https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3
+	NOTE: https://github.com/SELinuxProject/selinux/commit/f34d3d30c8325e4847a6b696fe7a3936a8a361f3 (3.3-rc1)
 	NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/selinux/OSV-2021-417.yaml
 CVE-2021-36083 (KDE KImageFormats 5.70.0 through 5.81.0 has a stack-based buffer overf ...)
 	[experimental] - kimageformats 5.83.0-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/631af936cf3c230fa6a7930dbb681d7be1d5b08a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/631af936cf3c230fa6a7930dbb681d7be1d5b08a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241019/29a72c9d/attachment.htm>
