The CVEs you refer to are very old and have been fixed a long time ago.
Please refer to:
https://www.tenable.com/security/research/tra-2019-53
This report states that all the reported problems are fixed as of ELOG 3.1.4-283534d or later.
Note that the elog git history does not refer to these CVEs because
they were fixed before the CVE number was assigned, per "Disclosure Timeline"
in the above document. The relevant commits are listed under "Additional References".
K.O. |