diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2021-10-15 15:11:10 +0200 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-10-15 15:11:10 +0200 |
| commit | 934dfe2c9b181161a59177737d85968327d81bfd (patch) | |
| tree | aae4c38674edef53cbf2ae111328fa8cdd26c6f4 | |
| parent | 26d5564ea7b37678a13ec823e120bcb2a88fe9d1 (diff) | |
Add TODO item for two otrs2/znuny issues
| -rw-r--r-- | data/CVE/2021.list | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 98f8c74b4d..a66018cc2b 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -14789,6 +14789,7 @@ CVE-2021-36096 (Generated Support Bundles contains private S/MIME and PGP keys i NOTE: https://otrs.com/release-notes/otrs-security-advisory-2021-10/ NOTE: Reference is for OTRS, no reference for znuny yet (in bullseye src:otrs2 is the znuny fork) NOTE: CVE-2021-36096 is an update from the original CVE-2021-21440. + TODO: check, 6.1.2-1 claims to fix the issue through the znuny codebase CVE-2021-36095 (Malicious attacker is able to find out valid user logins by using the ...) - otrs2 <undetermined> (bug #993846) [buster] - otrs2 <no-dsa> (Non-free not supported) @@ -14801,6 +14802,7 @@ CVE-2021-36094 (It's possible to craft a request for appointment edit screen, wh [stretch] - otrs2 <no-dsa> (Non-free not supported) NOTE: https://otrs.com/release-notes/otrs-security-advisory-2021-17/ NOTE: Reference is for OTRS, no reference for znuny yet (in bullseye src:otrs2 is the znuny fork) + TODO: check, 6.1.2-1 claims to fix the issue through the znuny codebase CVE-2021-36093 (It's possible to create an email which can be stuck while being proces ...) - otrs2 <undetermined> (bug #993846) [buster] - otrs2 <no-dsa> (Non-free not supported) |