diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2022-01-28 00:06:59 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-01-28 00:06:59 +0100 |
commit | 4bb3cddb330e855407a6d3c5c18cb1796bce9e60 (patch) | |
tree | 4c56590fd3773392fb2ca21366b1976275a1465b | |
parent | 814083c5e9ad1059814b48dc550fe37a1b69a102 (diff) |
Add CVE-2021-44120/spip
-rw-r--r-- | data/CVE/list.2021 | 4 | ||||
-rw-r--r-- | data/DLA/list | 2 | ||||
-rw-r--r-- | data/DSA/list | 2 |
3 files changed, 5 insertions, 3 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index 2048d73af2..2c70a940ed 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -6567,7 +6567,9 @@ CVE-2021-44122 (SPIP 4.0.0 is affected by a Cross Site Request Forgery (CSRF) vu CVE-2021-44121 REJECTED CVE-2021-44120 (SPIP 4.0.0 is affected by a Cross Site Scripting (XSS) vulnerability i ...) - TODO: check + - spip 3.2.12-1 + NOTE: https://git.spip.net/spip/spip/commit/d548391d799387d1e93cf1a369d385c72f7d5c81 + NOTE: https://git.spip.net/spip/spip/commit/361cc26080d1377bc55d2cb80736e5cfaf5fd242 (v3.2.12) CVE-2021-44119 RESERVED CVE-2021-44118 (SPIP 4.0.0 is affected by a Cross Site Scripting (XSS) vulnerability. ...) diff --git a/data/DLA/list b/data/DLA/list index 1162408971..9bd44a70f1 100644 --- a/data/DLA/list +++ b/data/DLA/list @@ -110,7 +110,7 @@ [29 Dec 2021] DLA-2857-2 postgis - regression update [stretch] - postgis 2.3.1+dfsg-2+deb9u2 [29 Dec 2021] DLA-2867-1 spip - security update - {CVE-2021-44122} + {CVE-2021-44120 CVE-2021-44122} [stretch] - spip 3.1.4-4~deb9u4+deb9u2 [29 Dec 2021] DLA-2866-1 uw-imap - security update {CVE-2018-19518} diff --git a/data/DSA/list b/data/DSA/list index 8c20e2e608..c64be43e8b 100644 --- a/data/DSA/list +++ b/data/DSA/list @@ -128,7 +128,7 @@ [buster] - sogo 4.0.7-1+deb10u2 [bullseye] - sogo 5.0.1-4+deb11u1 [22 Dec 2021] DSA-5028-1 spip - security update - {CVE-2021-44122} + {CVE-2021-44120 CVE-2021-44122} [buster] - spip 3.2.4-1+deb10u5 [bullseye] - spip 3.2.11-3+deb11u1 [21 Dec 2021] DSA-5027-1 xorg-server - security update |