From 99d34f7ce7fc9fcaa6bdb6750cbf8578cdb6f9d8 Mon Sep 17 00:00:00 2001 From: Moritz Muehlenhoff Date: Wed, 16 Feb 2022 23:08:58 +0100 Subject: mbedtls fixed in sid --- data/CVE/2020.list | 2 +- data/CVE/2021.list | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 3c7b9765c4..6d344184c7 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -73,7 +73,7 @@ CVE-2020-36478 (An issue was discovered in Mbed TLS before 2.25.0 (and before 2. NOTE: https://github.com/ARMmbed/mbedtls/commit/ca17ebfbc02b57e2bcb42efe64a5f2002c756ea8 (development) CVE-2020-36477 (An issue was discovered in Mbed TLS before 2.24.0. The verification of ...) [experimental] - mbedtls 2.28.0-0.1 - - mbedtls + - mbedtls 2.28.0-0.3 [stretch] - mbedtls (2.4 not affected) NOTE: https://github.com/ARMmbed/mbedtls/issues/3498 NOTE: https://github.com/ARMmbed/mbedtls/commit/f3e4bd8632b71dc491e52e6df87dc3e409d2b869 (development) diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 51a9076871..d4197c9478 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -4502,6 +4502,8 @@ CVE-2021-44961 RESERVED CVE-2021-44960 (In SVGPP SVG++ library 1.3.0, the XMLDocument::getRoot function in the ...) - svgpp + [bullseye] - svgpp (Minor issue) + [buster] - svgpp (Minor issue) NOTE: https://github.com/svgpp/svgpp/issues/101 CVE-2021-44959 RESERVED @@ -5141,7 +5143,7 @@ CVE-2021-44733 (A use-after-free exists in drivers/tee/tee_shm.c in the TEE subs NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2030747 CVE-2021-44732 (Mbed TLS before 3.0.1 has a double free in certain out-of-memory condi ...) [experimental] - mbedtls 2.28.0-0.1 - - mbedtls (bug #1002631) + - mbedtls 2.28.0-0.3 (bug #1002631) NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2021-12 NOTE: https://github.com/ARMmbed/mbedtls/commit/eb490aabf6a9f47c074ec476d0d4997c2362cdbc (mbedtls-2.16.12) CVE-2021-44731 -- cgit v1.2.3