Triage CVE-2021-41133 in flatpak for stretch LTS.

author: Chris Lamb <lamby@debian.org> 2021-10-13 09:07:11 +0100
committer: Chris Lamb <lamby@debian.org> 2021-10-13 09:10:38 +0100
commit: 4fcdff9c66e5820825a7ed68a7a110af25729a5f (patch)
tree: cd1774c32ee44a4e152862d5bdb9927903b9ce7a /data/CVE
parent: 6ac985203f471c1cc09352213a9cbc6b0e2e9546 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 6f0c55574e..622e0b928f 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -515,6 +515,7 @@ CVE-2021-41133 (Flatpak is a system for building, distributing, and running sand
 	{DSA-4984-1}
 	- flatpak 1.12.1-1 (bug #995935)
 	[buster] - flatpak <ignored> (Not exploitable with Debian buster kernel, intrusive to backport; requires updated libseccomp)
+	[stretch] - flatpak <ignored> (Difficult to exploit)
 	NOTE: https://github.com/flatpak/flatpak/security/advisories/GHSA-67h7-w3jq-vh4q
 	NOTE: Sourcewise fixed in 1.12.0-1 already, but 1.12.1-1 adds stricter dependency
 	NOTE: to libseccomp 2.5.2 so that CVE-2021-41133 is fully prevented.
author	Chris Lamb <lamby@debian.org>	2021-10-13 09:07:11 +0100
committer	Chris Lamb <lamby@debian.org>	2021-10-13 09:10:38 +0100
commit	4fcdff9c66e5820825a7ed68a7a110af25729a5f (patch)
tree	cd1774c32ee44a4e152862d5bdb9927903b9ce7a /data/CVE
parent	6ac985203f471c1cc09352213a9cbc6b0e2e9546 (diff)