diff options
| author | Moritz Mühlenhoff <jmm@debian.org> | 2021-03-03 20:10:56 +0100 |
|---|---|---|
| committer | Moritz Mühlenhoff <jmm@debian.org> | 2021-03-03 20:10:56 +0100 |
| commit | 76af50498c92bdfa9523dd5a5b65790786c48ec4 (patch) | |
| tree | 6fe14a2564694c0ffcec52ca3cc9cf1c0c3bc0f4 | |
| parent | 264b9c3325df139cb2b837c529e5c1b80a4d386d (diff) | |
add libnewlib-nano to affected source packages
| -rw-r--r-- | data/CVE/list.2021 | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index 1c10695c71..83af77f3da 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -1,10 +1,12 @@ CVE-2021-3420 RESERVED - newlib <unfixed> + [buster] - newlib <no-dsa> (Minor issue) - picolibc 1.5-1 + - libnewlib-nano <unfixed> (bug #984424) + [buster] - libnewlib-nano <no-dsa> (Minor issue) NOTE: Fix in picolibc: https://keithp.com/cgit/picolibc.git/commit/newlib/libc/stdlib/mallocr.c?id=aa106b29a6a8a1b0df9e334704292cbc32f2d44e NOTE: https://sourceware.org/git/?p=newlib-cygwin.git;a=commit;h=aa106b29a6a8a1b0df9e334704292cbc32f2d44e - TODO: check libnewlib-nano, potentially derived code, if not then the CVE does not apply CVE-2021-27917 RESERVED CVE-2021-27916 |