[Git][security-tracker-team/security-tracker][master] Reference OpenEuler applied patches for CVE-2021-3364{3..6}/libtar
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jan 7 19:56:41 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
014ced21 by Salvatore Bonaccorso at 2025-01-07T20:54:24+01:00
Reference OpenEuler applied patches for CVE-2021-3364{3..6}/libtar
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -283587,15 +283587,19 @@ CVE-2021-33647 (When performing the inference shape operation of the Tile operat
CVE-2021-33646 (The th_read() function doesn\u2019t free a variable t->th_buf.gnu_long ...)
- libtar <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2121295
+ NOTE: (not-upstream) patch from OpenEuler: https://gitee.com/src-openeuler/libtar/blob/master/openEuler-CVE-2021-33645-CVE-2021-33646.patch
CVE-2021-33645 (The th_read() function doesn\u2019t free a variable t->th_buf.gnu_long ...)
- libtar <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2121295
+ NOTE: (not-upstream) patch from OpenEuler: https://gitee.com/src-openeuler/libtar/blob/master/openEuler-CVE-2021-33645-CVE-2021-33646.patch
CVE-2021-33644 (An attacker who submits a crafted tar file with size in header struct ...)
- libtar <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2121292
+ NOTE: (not-upstream) patch from OpenEuler: https://gitee.com/src-openeuler/libtar/blob/master/openEuler-CVE-2021-33645-CVE-2021-33646.patch
CVE-2021-33643 (An attacker who submits a crafted tar file with size in header struct ...)
- libtar <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2121289
+ NOTE: (not-upstream) patch from OpenEuler: https://gitee.com/src-openeuler/libtar/blob/master/openEuler-CVE-2021-33645-CVE-2021-33646.patch
CVE-2021-33642 (When a file is processed, an infinite loop occurs in next_inline() of ...)
NOT-FOR-US: non issue in byacc
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=CVE-2021-33641
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/014ced218f452bf08be78b5ee8c6b854a2af4e49
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/014ced218f452bf08be78b5ee8c6b854a2af4e49
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250107/5468d231/attachment.htm>
More information about the debian-security-tracker-commits
mailing list