From 7237d3fd70a27fb2d0ab55d04e4c7dad9fb0dc17 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Moritz=20M=C3=BChlenhoff?= Date: Mon, 9 Aug 2021 23:03:39 +0200 Subject: tomcat DSA --- data/CVE/list | 2 ++ data/DSA/list | 3 +++ data/dsa-needed.txt | 2 -- 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index 7e9286a47d..8b0a9c8b6e 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -12032,6 +12032,7 @@ CVE-2021-33038 (An issue was discovered in management/commands/hyperkitty_import CVE-2021-33037 (Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5 ...) {DLA-2733-1} - tomcat9 9.0.43-2 (bug #991046) + [bullseye] - tomcat9 9.0.43-2~deb11u1 - tomcat8 NOTE: https://github.com/apache/tomcat/commit/45d70a86a901cbd534f8f570bed2aec9f7f7b88e (9.0.47) NOTE: https://github.com/apache/tomcat/commit/05f9e8b00f5d9251fcd3c95dcfd6cf84177f46c8 (9.0.47) @@ -18013,6 +18014,7 @@ CVE-2021-30641 (Apache HTTP Server versions 2.4.39 to 2.4.46 Unexpected matching CVE-2021-30640 (A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker ...) {DLA-2733-1} - tomcat9 9.0.43-2 (bug #991046) + [bullseye] - tomcat9 9.0.43-2~deb11u1 - tomcat8 NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=65224 NOTE: https://github.com/apache/tomcat/commit/c4df8d44a959a937d507d15e5b1ca35c3dbc41eb (9.0.46) diff --git a/data/DSA/list b/data/DSA/list index 200e4d0c5c..be8f4029bd 100644 --- a/data/DSA/list +++ b/data/DSA/list @@ -1,3 +1,6 @@ +[09 Aug 2021] DSA-4952-1 tomcat9 - security update + {CVE-2021-30640 CVE-2021-33037} + [buster] - tomcat9 9.0.31-1~deb10u5 [07 Aug 2021] DSA-4951-1 bluez - security update {CVE-2020-26558 CVE-2020-27153 CVE-2021-0129} [buster] - bluez 5.50-1.2~deb10u2 diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt index d5dbd54e8e..9605765d02 100644 --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -48,8 +48,6 @@ runc -- salt -- -tomcat9 --- trafficserver (jmm) -- varnish -- cgit v1.2.3