Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: ccdfe186 by security tracker role at 2022-05-31T20:10:21+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,81 @@ +CVE-2022-32158 + RESERVED +CVE-2022-32157 + RESERVED +CVE-2022-32156 + RESERVED +CVE-2022-32155 + RESERVED +CVE-2022-32154 + RESERVED +CVE-2022-32153 + RESERVED +CVE-2022-32152 + RESERVED +CVE-2022-32151 + RESERVED +CVE-2022-32150 + RESERVED +CVE-2022-32149 + RESERVED +CVE-2022-32148 + RESERVED +CVE-2022-32147 + RESERVED +CVE-2022-32146 + RESERVED +CVE-2022-32145 + RESERVED +CVE-2022-32144 + RESERVED +CVE-2022-32143 + RESERVED +CVE-2022-32142 + RESERVED +CVE-2022-32141 + RESERVED +CVE-2022-32140 + RESERVED +CVE-2022-32139 + RESERVED +CVE-2022-32138 + RESERVED +CVE-2022-32137 + RESERVED +CVE-2022-32136 + RESERVED +CVE-2022-30997 + RESERVED +CVE-2022-29519 + RESERVED +CVE-2022-1962 + RESERVED +CVE-2022-1961 + RESERVED +CVE-2022-1960 + RESERVED +CVE-2022-1959 + RESERVED +CVE-2022-1958 + RESERVED +CVE-2022-1957 + RESERVED +CVE-2022-1956 + RESERVED +CVE-2022-1955 + RESERVED +CVE-2022-1954 + RESERVED +CVE-2022-1953 + RESERVED +CVE-2022-1952 + RESERVED +CVE-2022-1951 + RESERVED +CVE-2022-1950 + RESERVED +CVE-2022-1949 + RESERVED CVE-2022-32135 RESERVED CVE-2022-32134 @@ -688,8 +766,8 @@ CVE-2022-1943 [udf: Avoid using stale lengthOfImpUse] [stretch] - linux <not-affected> (Vulnerable code not present) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2086412 NOTE: Fixed by: https://git.kernel.org/linus/c1ad35dd0548ce947d97aaf92f7f2f9a202951cf (5.18-rc7) -CVE-2022-1942 - RESERVED +CVE-2022-1942 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...) + TODO: check CVE-2022-1941 RESERVED CVE-2022-1940 @@ -769,8 +847,8 @@ CVE-2022-1927 (Buffer Over-read in GitHub repository vim/vim prior to 8.2. ...) NOTE: https://huntr.dev/bounties/945107ef-0b27-41c7-a03c-db99def0e777 NOTE: https://github.com/vim/vim/commit/4d97a565ae8be0d4debba04ebd2ac3e75a0c8010 (v8.2.5037) NOTE: Crash in CLI tool, no security impact -CVE-2022-1926 - RESERVED +CVE-2022-1926 (Integer Overflow or Wraparound in GitHub repository polonel/trudesk pr ...) + TODO: check CVE-2022-31793 RESERVED CVE-2022-31792 @@ -1780,8 +1858,8 @@ CVE-2022-31502 RESERVED CVE-2022-31501 RESERVED -CVE-2022-31500 - RESERVED +CVE-2022-31500 (In KNIME Analytics Platform below 4.6.0, the Windows installer sets im ...) + TODO: check CVE-2022-31499 RESERVED CVE-2022-31498 @@ -2100,14 +2178,14 @@ CVE-2022-31340 RESERVED CVE-2022-31339 RESERVED -CVE-2022-31338 - RESERVED -CVE-2022-31337 - RESERVED -CVE-2022-31336 - RESERVED -CVE-2022-31335 - RESERVED +CVE-2022-31338 (Online Ordering System 2.3.2 is vulnerable to SQL Injection via /order ...) + TODO: check +CVE-2022-31337 (Online Ordering System 2.3.2 is vulnerable to SQL Injection via /order ...) + TODO: check +CVE-2022-31336 (Online Ordering System 2.3.2 is vulnerable to SQL Injection via /order ...) + TODO: check +CVE-2022-31335 (Online Ordering System 2.3.2 is vulnerable to SQL Injection via /order ...) + TODO: check CVE-2022-31334 RESERVED CVE-2022-31333 @@ -2118,12 +2196,12 @@ CVE-2022-31331 RESERVED CVE-2022-31330 RESERVED -CVE-2022-31329 - RESERVED -CVE-2022-31328 - RESERVED -CVE-2022-31327 - RESERVED +CVE-2022-31329 (Online Ordering System By janobe 2.3.2 is vulnerable to SQL Injection ...) + TODO: check +CVE-2022-31328 (Online Ordering System By janobe 2.3.2 has SQL Injection via /ordering ...) + TODO: check +CVE-2022-31327 (Online Ordering System By janobe 2.3.2 is vulneranle to SQL Injection ...) + TODO: check CVE-2022-31326 RESERVED CVE-2022-31325 @@ -2879,8 +2957,8 @@ CVE-2022-31004 (CVEProject/cve-services is an open source project used to operat NOT-FOR-US: CVEProject/cve-services CVE-2022-31003 RESERVED -CVE-2022-31002 - RESERVED +CVE-2022-31002 (Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Age ...) + TODO: check CVE-2022-31001 RESERVED CVE-2022-31000 @@ -3021,8 +3099,8 @@ CVE-2022-1771 (Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2. NOTE: Crash in CLI tool, no security impact CVE-2019-25061 (The random_password_generator (aka RandomPasswordGenerator) gem throug ...) NOT-FOR-US: bvsatyaram/random_password_generator -CVE-2022-30973 - RESERVED +CVE-2022-30973 (We failed to apply the fix for CVE-2022-30126 to the 1.x branch in the ...) + TODO: check CVE-2022-1770 (Improper Privilege Management in GitHub repository polonel/trudesk pri ...) NOT-FOR-US: Trudesk CVE-2022-1769 (Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974. ...) @@ -3540,72 +3618,72 @@ CVE-2022-30838 (Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL NOT-FOR-US: Covid-19 Travel Pass Management System CVE-2022-30837 (Toll-tax-management-system v1.0 is vulnerable to Cross Site Scripting ...) NOT-FOR-US: Toll-tax-management-system -CVE-2022-30836 - RESERVED -CVE-2022-30835 - RESERVED -CVE-2022-30834 - RESERVED -CVE-2022-30833 - RESERVED -CVE-2022-30832 - RESERVED -CVE-2022-30831 - RESERVED -CVE-2022-30830 - RESERVED -CVE-2022-30829 - RESERVED -CVE-2022-30828 - RESERVED -CVE-2022-30827 - RESERVED -CVE-2022-30826 - RESERVED -CVE-2022-30825 - RESERVED +CVE-2022-30836 (Wedding Management System v1.0 is vulnerable to SQL Injection. via Wed ...) + TODO: check +CVE-2022-30835 (Wedding Management System v1.0 is vulnerable to SQL Injection. via /We ...) + TODO: check +CVE-2022-30834 (Wedding Management System v1.0 is vulnerable to SQL Injection via /Wed ...) + TODO: check +CVE-2022-30833 (Wedding Management System v1.0 is vulnerable to SQL Injection via /Wed ...) + TODO: check +CVE-2022-30832 (Wedding Management System v1.0 is vulnerable to SQL Injection via /Wed ...) + TODO: check +CVE-2022-30831 (Wedding Management System v1.0 is vulnerable to SQL Injection via Wedd ...) + TODO: check +CVE-2022-30830 (Wedding Management System v1.0 is vulnerable to SQL Injection via \adm ...) + TODO: check +CVE-2022-30829 (Wedding Management System v1.0 is vulnerable to SQL Injection via \adm ...) + TODO: check +CVE-2022-30828 (Wedding Management System v1.0 is vulnerable to SQL Injection via \adm ...) + TODO: check +CVE-2022-30827 (Wedding Management System v1.0 is vulnerable to SQL Injection via \adm ...) + TODO: check +CVE-2022-30826 (Wedding Management System v1.0 is vulnerable to SQL Injection via admi ...) + TODO: check +CVE-2022-30825 (Wedding Management System v1.0 is vulnerable to SQL Injection via \adm ...) + TODO: check CVE-2022-30824 RESERVED -CVE-2022-30823 - RESERVED -CVE-2022-30822 - RESERVED -CVE-2022-30821 - RESERVED -CVE-2022-30820 - RESERVED -CVE-2022-30819 - RESERVED -CVE-2022-30818 - RESERVED -CVE-2022-30817 - RESERVED -CVE-2022-30816 - RESERVED -CVE-2022-30815 - RESERVED -CVE-2022-30814 - RESERVED -CVE-2022-30813 - RESERVED +CVE-2022-30823 (Wedding Management System v1.0 is vulnerable to SQL Injection via \adm ...) + TODO: check +CVE-2022-30822 (In Wedding Management System v1.0, there is an arbitrary file upload v ...) + TODO: check +CVE-2022-30821 (In Wedding Management System v1.0, the editing function of the "Servic ...) + TODO: check +CVE-2022-30820 (In Wedding Management v1.0, there is an arbitrary file upload vulnerab ...) + TODO: check +CVE-2022-30819 (In Wedding Management System v1.0, there is an arbitrary file upload v ...) + TODO: check +CVE-2022-30818 (Wedding Management System v1.0 is vulnerable to SQL injection via /Wed ...) + TODO: check +CVE-2022-30817 (Simple Bus Ticket Booking System 1.0 is vulnerable to SQL Injection vi ...) + TODO: check +CVE-2022-30816 (elitecms 1.01 is vulnerable to SQL Injection via /admin/edit_sidebar.p ...) + TODO: check +CVE-2022-30815 (elitecms 1.01 is vulnerable to SQL Injection via admin/edit_sidebar.ph ...) + TODO: check +CVE-2022-30814 (elitecms v1.01 is vulnerable to SQL Injection via /admin/add_sidebar.p ...) + TODO: check +CVE-2022-30813 (elitecms 1.01 is vulnerable to SQL Injection via /admin/add_post.php. ...) + TODO: check CVE-2022-30812 RESERVED CVE-2022-30811 RESERVED -CVE-2022-30810 - RESERVED -CVE-2022-30809 - RESERVED -CVE-2022-30808 - RESERVED +CVE-2022-30810 (elitecms v1.01 is vulnerable to SQL Injection via admin/edit_post.php. ...) + TODO: check +CVE-2022-30809 (elitecms 1.01 is vulnerable to SQL Injection via /admin/edit_page.php? ...) + TODO: check +CVE-2022-30808 (elitecms 1.0.1 is vulnerable to Arbitrary code execution via admin/man ...) + TODO: check CVE-2022-30807 RESERVED CVE-2022-30806 RESERVED CVE-2022-30805 RESERVED -CVE-2022-30804 - RESERVED +CVE-2022-30804 (elitecms v1.01 is vulnerable to Delete any file via /admin/delete_imag ...) + TODO: check CVE-2022-30803 RESERVED CVE-2022-30802 @@ -3614,18 +3692,18 @@ CVE-2022-30801 RESERVED CVE-2022-30800 RESERVED -CVE-2022-30799 - RESERVED -CVE-2022-30798 - RESERVED -CVE-2022-30797 - RESERVED +CVE-2022-30799 (Online Ordering System v1.0 by oretnom23 has SQL injection via store/o ...) + TODO: check +CVE-2022-30798 (Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injectio ...) + TODO: check +CVE-2022-30797 (Online Ordering System 1.0 by oretnom23 is vulnerable to SQL Injection ...) + TODO: check CVE-2022-30796 RESERVED -CVE-2022-30795 - RESERVED -CVE-2022-30794 - RESERVED +CVE-2022-30795 (Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injectio ...) + TODO: check +CVE-2022-30794 (Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injectio ...) + TODO: check CVE-2022-30793 RESERVED CVE-2022-30790 @@ -4277,8 +4355,7 @@ CVE-2022-1654 RESERVED CVE-2022-1653 RESERVED -CVE-2022-1652 - RESERVED +CVE-2022-1652 (Linux Kernel could allow a local attacker to execute arbitrary code on ...) - linux <unfixed> NOTE: https://www.openwall.com/lists/oss-security/2022/05/10/1 CVE-2022-1651 @@ -4910,10 +4987,10 @@ CVE-2022-30298 RESERVED CVE-2022-29509 RESERVED -CVE-2022-29483 - RESERVED -CVE-2022-28702 - RESERVED +CVE-2022-29483 (Incorrect Default Permissions vulnerability in ABB e-Design allows att ...) + TODO: check +CVE-2022-28702 (Incorrect Default Permissions vulnerability in ABB e-Design allows att ...) + TODO: check CVE-2022-1615 RESERVED CVE-2022-1614 @@ -5662,8 +5739,8 @@ CVE-2022-30036 RESERVED CVE-2022-30035 RESERVED -CVE-2022-30034 - RESERVED +CVE-2022-30034 (Flower, a web UI for the Celery Python RPC framework, all versions as ...) + TODO: check CVE-2022-30033 (Tenda TX9 Pro V22.03.02.10 is vulnerable to Buffer Overflow via the fu ...) NOT-FOR-US: Tenda CVE-2022-30032 @@ -6554,8 +6631,7 @@ CVE-2022-1464 (Stored xss bug in GitHub repository gogs/gogs prior to 0.12.7. As NOT-FOR-US: Go Git Service CVE-2022-1463 (The Booking Calendar plugin for WordPress is vulnerable to PHP Object ...) NOT-FOR-US: Booking Calendar plugin for WordPress -CVE-2022-1462 - RESERVED +CVE-2022-1462 (An out-of-bounds read flaw was found in the Linux kernel’s TeleT ...) - linux <unfixed> NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2078466 NOTE: https://www.openwall.com/lists/oss-security/2022/05/27/2 @@ -6707,8 +6783,8 @@ CVE-2022-29727 (Survey Sparrow Enterprise Survey Software 2022 has a Stored cros NOT-FOR-US: Survey Sparrow Enterprise Survey Software CVE-2022-29726 RESERVED -CVE-2022-29725 - RESERVED +CVE-2022-29725 (An arbitrary file upload in the image upload component of wityCMS v0.6 ...) + TODO: check CVE-2022-29724 RESERVED CVE-2022-29723 @@ -6733,10 +6809,10 @@ CVE-2022-29714 RESERVED CVE-2022-29713 RESERVED -CVE-2022-29712 - RESERVED -CVE-2022-29711 - RESERVED +CVE-2022-29712 (LibreNMS v22.3.0 was discovered to contain multiple command injection ...) + TODO: check +CVE-2022-29711 (LibreNMS v22.3.0 was discovered to contain a cross-site scripting (XSS ...) + TODO: check CVE-2022-29710 (A cross-site scripting (XSS) vulnerability in uploadConfirm.php of Lim ...) - limesurvey <itp> (bug #472802) CVE-2022-29709 @@ -7230,8 +7306,7 @@ CVE-2022-29529 (An issue was discovered in MISP before 2.4.158. There is stored NOT-FOR-US: MISP CVE-2022-29528 (An issue was discovered in MISP before 2.4.158. PHAR deserialization c ...) NOT-FOR-US: MISP -CVE-2022-1419 - RESERVED +CVE-2022-1419 (The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_ ...) - linux 5.5.13-1 NOTE: https://www.openwall.com/lists/oss-security/2022/04/21/1 NOTE: Fixed by: https://git.kernel.org/linus/4b848f20eda5974020f043ca14bacf7a7e634fc8 (5.6-rc2) @@ -8010,8 +8085,8 @@ CVE-2022-29260 RESERVED CVE-2022-29259 RESERVED -CVE-2022-29258 - RESERVED +CVE-2022-29258 (XWiki Platform Filter UI provides a generic user interface to convert ...) + TODO: check CVE-2022-29257 RESERVED CVE-2022-29256 (sharp is an application for Node.js image processing. Prior to version ...) @@ -8037,12 +8112,12 @@ CVE-2022-29247 RESERVED CVE-2022-29246 (Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded st ...) NOT-FOR-US: Microsoft -CVE-2022-29245 - RESERVED +CVE-2022-29245 (SSH.NET is a Secure Shell (SSH) library for .NET. In versions 2020.0.0 ...) + TODO: check CVE-2022-29244 RESERVED -CVE-2022-29243 - RESERVED +CVE-2022-29243 (Nextcloud Server is the file server software for Nextcloud, a self-hos ...) + TODO: check CVE-2022-29242 (GOST engine is a reference implementation of the Russian GOST crypto a ...) - libengine-gost-openssl1.1 <unfixed> NOTE: https://github.com/gost-engine/engine/security/advisories/GHSA-2rmw-8wpg-vgw5 @@ -8100,8 +8175,8 @@ CVE-2022-29221 (Smarty is a template engine for PHP, facilitating the separation NOTE: https://github.com/smarty-php/smarty/security/advisories/GHSA-634x-pc3q-cf4c NOTE: https://github.com/smarty-php/smarty/commit/64ad6442ca1da31cefdab5c9874262b702cccddd (v4.1.1) NOTE: https://github.com/smarty-php/smarty/commit/3606c4717ed6348e114a610ff1e446048dcd0345 (v3.1.45) -CVE-2022-29220 - RESERVED +CVE-2022-29220 (github-action-merge-dependabot is an action that automatically approve ...) + TODO: check CVE-2022-29219 (Lodestar is a TypeScript implementation of the Ethereum Consensus spec ...) NOT-FOR-US: chainsafe/lodestar CVE-2022-29218 (RubyGems is a package registry used to supply software for the Ruby la ...) @@ -15861,8 +15936,7 @@ CVE-2022-26493 RESERVED CVE-2022-26492 RESERVED -CVE-2022-26491 [MITM attack possible on non-DNSSEC XMPP connections] - RESERVED +CVE-2022-26491 (An issue was discovered in Pidgin before 2.14.9. A remote attacker who ...) - pidgin 2.14.9-1 NOTE: https://pidgin.im/about/security/advisories/cve-2022-26491/ NOTE: https://keep.imfreedom.org/pidgin/pidgin/rev/13cdb7956bdc @@ -20692,6 +20766,7 @@ CVE-2022-24795 (yajl-ruby is a C binding to the YAJL JSON parsing and generation CVE-2022-24794 (Express OpenID Connect is an Express JS middleware implementing sign o ...) NOT-FOR-US: Express OpenID Connect CVE-2022-24793 (PJSIP is a free and open source multimedia communication library writt ...) + {DLA-3036-1} - asterisk <unfixed> [stretch] - asterisk <not-affected> (Vulnerable code not present) - pjproject <removed> @@ -20699,6 +20774,7 @@ CVE-2022-24793 (PJSIP is a free and open source multimedia communication library NOTE: https://github.com/pjsip/pjproject/security/advisories/GHSA-p6g5-v97c-w5q4 NOTE: https://github.com/pjsip/pjproject/commit/9fae8f43accef8ea65d4a8ae9cdf297c46cfe29a CVE-2022-24792 (PJSIP is a free and open source multimedia communication library writt ...) + {DLA-3036-1} - asterisk <unfixed> [stretch] - asterisk <not-affected> (Vulnerable code not present) - pjproject <removed> @@ -20822,6 +20898,7 @@ CVE-2022-24764 (PJSIP is a free and open source multimedia communication library NOTE: https://github.com/pjsip/pjproject/security/advisories/GHSA-f5qg-pqcg-765m NOTE: https://github.com/pjsip/pjproject/commit/560a1346f87aabe126509bb24930106dea292b00 CVE-2022-24763 (PJSIP is a free and open source multimedia communication library writt ...) + {DLA-3036-1} - asterisk <unfixed> [stretch] - asterisk <not-affected> (Vulnerable code not present) - pjproject <removed> @@ -26998,8 +27075,8 @@ CVE-2022-23084 RESERVED CVE-2022-23083 (NetMaster 12.2 Network Management for TCP/IP and NetMaster File Transf ...) NOT-FOR-US: NetMaster -CVE-2022-23082 - RESERVED +CVE-2022-23082 (In CureKit versions v1.0.1 through v1.1.3 are vulnerable to path trave ...) + TODO: check CVE-2022-23081 RESERVED CVE-2022-23080 @@ -27254,7 +27331,7 @@ CVE-2022-22980 RESERVED CVE-2022-22979 RESERVED -CVE-2022-22978 (In Spring Security versions 5.5.6 and 5.5.7 and older unsupported vers ...) +CVE-2022-22978 (In Spring Security versions 5.5.6 and 5.6.3 and older unsupported vers ...) TODO: check CVE-2022-22977 (VMware Tools for Windows(12.0.0, 11.x.y and 10.x.y) contains an XML Ex ...) TODO: check @@ -29485,8 +29562,8 @@ CVE-2022-22363 RESERVED CVE-2022-22362 RESERVED -CVE-2022-22361 - RESERVED +CVE-2022-22361 (IBM Business Automation Workflow traditional 21.0.1 through 21.0.3, 20 ...) + TODO: check CVE-2022-22360 RESERVED CVE-2022-22359 @@ -45234,18 +45311,18 @@ CVE-2021-42202 RESERVED CVE-2021-42201 RESERVED -CVE-2021-42200 - RESERVED -CVE-2021-42199 - RESERVED -CVE-2021-42198 - RESERVED -CVE-2021-42197 - RESERVED -CVE-2021-42196 - RESERVED -CVE-2021-42195 - RESERVED +CVE-2021-42200 (An issue was discovered in swftools through 20201222. A NULL pointer d ...) + TODO: check +CVE-2021-42199 (An issue was discovered in swftools through 20201222. A heap buffer ov ...) + TODO: check +CVE-2021-42198 (An issue was discovered in swftools through 20201222. A NULL pointer d ...) + TODO: check +CVE-2021-42197 (An issue was discovered in swftools through 20201222 through a memory ...) + TODO: check +CVE-2021-42196 (An issue was discovered in swftools through 20201222. A NULL pointer d ...) + TODO: check +CVE-2021-42195 (An issue was discovered in swftools through 20201222. A heap-buffer-ov ...) + TODO: check CVE-2021-42194 (The wechat_return function in /controller/Index.php of EyouCms V1.5.4- ...) NOT-FOR-US: Eyoucms CVE-2021-42193 @@ -56372,7 +56449,7 @@ CVE-2021-3677 (A flaw was found in postgresql. A purpose-crafted query can read [buster] - postgresql-11 11.13-0+deb10u1 NOTE: https://www.postgresql.org/about/news/postgresql-134-128-1113-1018-9623-and-14-beta-3-released-2277/ CVE-2021-3676 - RESERVED + REJECTED CVE-2021-3675 RESERVED CVE-2021-37843 (The resolution SAML SSO apps for Atlassian products allow a remote att ...) @@ -67609,8 +67686,8 @@ CVE-2021-33188 RESERVED CVE-2021-33187 RESERVED -CVE-2021-3555 - RESERVED +CVE-2021-3555 (A Buffer Overflow vulnerability in the RSTP server component of Eufy I ...) + TODO: check CVE-2021-33186 (SerenityOS in test-crypto.cpp contains a stack buffer overflow which c ...) NOT-FOR-US: SerenityOS CVE-2021-33185 (SerenityOS contains a buffer overflow in the set_range test in TestBit ...) @@ -111667,8 +111744,8 @@ CVE-2020-28248 (An integer overflow in the PngImg::InitStorage_() function of pn NOT-FOR-US: png-img CVE-2020-28247 (The lettre library through 0.10.0-alpha for Rust allows arbitrary send ...) NOT-FOR-US: Node lettre -CVE-2020-28246 - RESERVED +CVE-2020-28246 (A Server-Side Template Injection (SSTI) was discovered in Form.io 2.0. ...) + TODO: check CVE-2020-28245 RESERVED CVE-2020-28244 @@ -234639,6 +234716,7 @@ CVE-2019-2203 (In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible CVE-2019-2202 (In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out ...) NOT-FOR-US: Android media framework CVE-2019-2201 (In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is ...) + {DLA-3037-1} - libjpeg-turbo 1:2.0.5-1 (low) [buster] - libjpeg-turbo 1:1.5.2-2+deb10u1 [jessie] - libjpeg-turbo <ignored> (No package in Debian jessie uses the TurboJPEG API) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ccdfe186bc853aa2da6a729c0be47da0405fd23d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ccdfe186bc853aa2da6a729c0be47da0405fd23d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits