From cf1fa3444ca97b48f6df68466ecf8e5711777ca4 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Fri, 5 Mar 2021 21:15:21 +0100 Subject: Add CVE-2021-28041/openssh --- data/CVE/2021.list | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/data/CVE/2021.list b/data/CVE/2021.list index c151d2f4dd..c0fd6c9034 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -1,7 +1,11 @@ CVE-2021-3423 RESERVED CVE-2021-28041 (ssh-agent in OpenSSH before 8.5 has a double free that may be relevant ...) - TODO: check + - openssh + [buster] - openssh (Vulnerable code introduced later) + [stretch] - openssh (Vulnerable code introduced later) + NOTE: https://www.openwall.com/lists/oss-security/2021/03/03/1 + NOTE: https://github.com/openssh/openssh-portable/commit/e04fd6dde16de1cdc5a4d9946397ff60d96568db CVE-2021-28040 (An issue was discovered in OSSEC 3.6.0. An uncontrolled recursion vuln ...) TODO: check CVE-2021-28037 (An issue was discovered in the internment crate before 0.4.2 for Rust. ...) -- cgit v1.2.3