summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2021-10-15 15:11:10 +0200
committerSalvatore Bonaccorso <carnil@debian.org>2021-10-15 15:11:10 +0200
commit670d9570add1c9bf5828a7aa818958f91edd118a (patch)
tree9e72588617cd02a39a30f71cdc74a2162b5fd027
parentec4677ee5fbf88f5dd1136df9be9e88cfce0f5d8 (diff)
Add TODO item for two otrs2/znuny issues
-rw-r--r--data/CVE/list.20212
1 files changed, 2 insertions, 0 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 98f8c74b4d..a66018cc2b 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -14789,6 +14789,7 @@ CVE-2021-36096 (Generated Support Bundles contains private S/MIME and PGP keys i
NOTE: https://otrs.com/release-notes/otrs-security-advisory-2021-10/
NOTE: Reference is for OTRS, no reference for znuny yet (in bullseye src:otrs2 is the znuny fork)
NOTE: CVE-2021-36096 is an update from the original CVE-2021-21440.
+ TODO: check, 6.1.2-1 claims to fix the issue through the znuny codebase
CVE-2021-36095 (Malicious attacker is able to find out valid user logins by using the ...)
- otrs2 <undetermined> (bug #993846)
[buster] - otrs2 <no-dsa> (Non-free not supported)
@@ -14801,6 +14802,7 @@ CVE-2021-36094 (It's possible to craft a request for appointment edit screen, wh
[stretch] - otrs2 <no-dsa> (Non-free not supported)
NOTE: https://otrs.com/release-notes/otrs-security-advisory-2021-17/
NOTE: Reference is for OTRS, no reference for znuny yet (in bullseye src:otrs2 is the znuny fork)
+ TODO: check, 6.1.2-1 claims to fix the issue through the znuny codebase
CVE-2021-36093 (It's possible to create an email which can be stuck while being proces ...)
- otrs2 <undetermined> (bug #993846)
[buster] - otrs2 <no-dsa> (Non-free not supported)

© 2014-2021 Faster IT GmbH | imprint | privacy policy