diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-04-14 10:16:25 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-04-14 10:16:25 +0200 |
commit | 10945ebfe6838a04a20ceb24cbf13b6cd5abbbbb (patch) | |
tree | f7359bd48c37717b3ca13b280cff420985914efb /active | |
parent | c2c0f731c4b430efc832fcdc0bf770f4a25c76c6 (diff) |
Add CVE-2020-36322 and add note for CVE-2021-28950
Diffstat (limited to 'active')
-rw-r--r-- | active/CVE-2020-36322 | 13 | ||||
-rw-r--r-- | active/CVE-2021-28950 | 1 |
2 files changed, 14 insertions, 0 deletions
diff --git a/active/CVE-2020-36322 b/active/CVE-2020-36322 new file mode 100644 index 00000000..d8450635 --- /dev/null +++ b/active/CVE-2020-36322 @@ -0,0 +1,13 @@ +Description: fuse: fix bad inode +References: +Notes: + carnil> Note that this CVE relates as well to CVE-2021-28950, which is + carnil> assigned because of an initial incomplete fix for this CVE. +Bugs: +upstream: released (5.11-rc1) [5d069dbe8aaf2a197142558b6fb2978189ba3454] +5.10-upstream-stable: released (5.10.6) [36cf9ae54b0ead0daab7701a994de3dcd9ef605d] +4.19-upstream-stable: +4.9-upstream-stable: +sid: released (5.10.9-1) +4.19-buster-security: +4.9-stretch-security: diff --git a/active/CVE-2021-28950 b/active/CVE-2021-28950 index 82d3c02a..73e83f65 100644 --- a/active/CVE-2021-28950 +++ b/active/CVE-2021-28950 @@ -6,6 +6,7 @@ Notes: carnil> older versions. bwh> Commit 5d069dbe8aaf "fuse: fix bad inode" fixed another DoS issue, bwh> so we'll need to backport both of them. + carnil> The 5d069dbe8aaf "fuse: fix bad inode" is CVE-2020-36322. Bugs: upstream: released (5.12-rc4) [775c5033a0d164622d9d10dd0f0a5531639ed3ed] 5.10-upstream-stable: released (5.10.25) [d955f13ea2120269319d6133d0dd82b66d1eeca3] |