diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2021-10-15 15:11:10 +0200 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-10-15 15:11:10 +0200 |
| commit | 01fa4a727f796b3f91c24fac6ecd7cfbc93538ee (patch) | |
| tree | 5ec518f144b490406484d6df0068cf49c99fb8f6 | |
| parent | 80480f4e499d393743edc49acf5533fa960312fc (diff) | |
Add TODO item for two otrs2/znuny issues
| -rw-r--r-- | data/CVE/list | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list index e6cfae41b1..e21dc2f9c3 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -16215,6 +16215,7 @@ CVE-2021-36096 (Generated Support Bundles contains private S/MIME and PGP keys i NOTE: https://otrs.com/release-notes/otrs-security-advisory-2021-10/ NOTE: Reference is for OTRS, no reference for znuny yet (in bullseye src:otrs2 is the znuny fork) NOTE: CVE-2021-36096 is an update from the original CVE-2021-21440. + TODO: check, 6.1.2-1 claims to fix the issue through the znuny codebase CVE-2021-36095 (Malicious attacker is able to find out valid user logins by using the ...) - otrs2 <undetermined> (bug #993846) [buster] - otrs2 <no-dsa> (Non-free not supported) @@ -16227,6 +16228,7 @@ CVE-2021-36094 (It's possible to craft a request for appointment edit screen, wh [stretch] - otrs2 <no-dsa> (Non-free not supported) NOTE: https://otrs.com/release-notes/otrs-security-advisory-2021-17/ NOTE: Reference is for OTRS, no reference for znuny yet (in bullseye src:otrs2 is the znuny fork) + TODO: check, 6.1.2-1 claims to fix the issue through the znuny codebase CVE-2021-36093 (It's possible to create an email which can be stuck while being proces ...) - otrs2 <undetermined> (bug #993846) [buster] - otrs2 <no-dsa> (Non-free not supported) |