Track freedombox issue fixed in unstable

author: Salvatore Bonaccorso <carnil@debian.org> 2021-03-29 06:24:17 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-03-29 06:24:17 +0200
commit: 7adfcb8f53302ab7908d092f53b8f205ca288b85 (patch)
tree: d4f7c7453a595a80c287ba79f7de7807b041933c
parent: f6cf6be2b9720bbf28c6f7b9f2c4c9471e972171 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 8152968816..439ad80d54 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -1,3 +1,8 @@
+CVE-2021-XXXX [first_boot: Use session to verify first boot welcome step]
+	- freedombox 21.4.2
+	- plinth <removed>
+	NOTE: https://salsa.debian.org/freedombox-team/freedombox/-/issues/2074 (not yet public)
+	NOTE: https://salsa.debian.org/freedombox-team/freedombox/-/commit/f2005f56aa44d15c0fb82c5211c548a575961b03
 CVE-2021-29273
 	RESERVED
 CVE-2021-29272 (bluemonday before 1.0.5 allows XSS because certain Go lowercasing conv ...)
author	Salvatore Bonaccorso <carnil@debian.org>	2021-03-29 06:24:17 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-03-29 06:24:17 +0200
commit	7adfcb8f53302ab7908d092f53b8f205ca288b85 (patch)
tree	d4f7c7453a595a80c287ba79f7de7807b041933c
parent	f6cf6be2b9720bbf28c6f7b9f2c4c9471e972171 (diff)