Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 35fba623 by Salvatore Bonaccorso at 2021-08-29T10:05:44+02:00 Track fixed version for four openexr issues via unstable - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -12293,7 +12293,7 @@ CVE-2021-34696 RESERVED CVE-2021-3605 (There's a flaw in OpenEXR's rleUncompress functionality in versions pr ...) {DLA-2732-1} - - openexr <unfixed> (bug #990899) + - openexr 2.5.7-1 (bug #990899) [buster] - openexr <no-dsa> (Minor issue) NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/1036 NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/25259a84827234a283f6f9db72978198c7a3f268 (master) @@ -12376,7 +12376,7 @@ CVE-2021-34675 (Basix NEX-Forms through 7.8.7 allows authentication bypass for s NOT-FOR-US: Basix NEX-Forms CVE-2021-3598 (There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in ...) {DLA-2701-1} - - openexr <unfixed> (bug #990450) + - openexr 2.5.7-1 (bug #990450) [bullseye] - openexr <no-dsa> (Minor issue) [buster] - openexr <no-dsa> (Minor issue) NOTE: https://github.com/AcademySoftwareFoundation/openexr/issues/1033 @@ -20090,7 +20090,7 @@ CVE-2021-26945 (An integer overflow leading to a heap-buffer overflow was found NOTE: Only affects exrcheck, which isn't built into the binary packages CVE-2021-26260 (An integer overflow leading to a heap-buffer overflow was found in the ...) {DLA-2701-1} - - openexr <unfixed> (bug #992703) + - openexr 2.5.7-1 (bug #992703) [bullseye] - openexr <no-dsa> (Minor issue) [buster] - openexr <no-dsa> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1947582 @@ -20100,7 +20100,7 @@ CVE-2021-26260 (An integer overflow leading to a heap-buffer overflow was found NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/4212416433a230334cef0ac122cb8d722746035d (2.5) CVE-2021-23215 (An integer overflow leading to a heap-buffer overflow was found in the ...) {DLA-2701-1} - - openexr <unfixed> + - openexr 2.5.7-1 [bullseye] - openexr <ignored> (Minor issue, changes ABI) [buster] - openexr <ignored> (Minor issue, changes ABI) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1947586 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/35fba6238a47014641dac35f5a23d5782814a001 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/35fba6238a47014641dac35f5a23d5782814a001 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits