AVG-2146 log

Package fossil
Status Fixed
Severity High
Type certificate verification bypass
Affected 2.15.1-1
Fixed 2.16-1
Current 2.25-1 [extra]
Ticket None
Created Tue Jul 13 11:04:02 2021
Issue Severity Remote Type Description
CVE-2021-36377 High Yes Certificate verification bypass 
Fossil before version 2.15.2 often skips the hostname check during TLS certificate validation.
Date Advisory Package Type
10 Aug 2021 ASA-202108-8 fossil certificate verification bypass