Mark flatpak issue no-dsa for buster

author: Salvatore Bonaccorso <carnil@debian.org> 2021-10-12 14:18:50 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-10-12 14:18:50 +0200
commit: b15468b98050c17502a3088f0bb5788ad2d28afa (patch)
tree: 76696a06209ddb168d2a4d164cb6c0c2314073b1 /data
parent: 24483ea93377539ec276e73e5222e5a439702ea8 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 214312e10d..76c9306462 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -347,6 +347,7 @@ CVE-2021-3870
 	RESERVED
 CVE-2021-41133 (Flatpak is a system for building, distributing, and running sandboxed  ...)
 	- flatpak 1.12.1-1 (bug #995935)
+	[buster] - flatpak <no-dsa> (Not exploitable with Debian buster kernel, intrusive to backport; requires updated libseccomp)
 	NOTE: https://github.com/flatpak/flatpak/security/advisories/GHSA-67h7-w3jq-vh4q
 	NOTE: Sourcewise fixed in 1.12.0-1 already, but 1.12.1-1 adds stricter dependency
 	NOTE: to libseccomp 2.5.2 so that CVE-2021-41133 is fully prevented.
author	Salvatore Bonaccorso <carnil@debian.org>	2021-10-12 14:18:50 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-10-12 14:18:50 +0200
commit	b15468b98050c17502a3088f0bb5788ad2d28afa (patch)
tree	76696a06209ddb168d2a4d164cb6c0c2314073b1 /data
parent	24483ea93377539ec276e73e5222e5a439702ea8 (diff)