Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 2f59193d by Moritz Muehlenhoff at 2023-02-21T20:37:23+01:00 bookworm triage - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -72531,6 +72531,10 @@ CVE-2022-28048 (STB v2.27 was discovered to contain an integer shift of invalid NOTE: https://github.com/nothings/stb/issues/1293 NOTE: https://github.com/nothings/stb/pull/1297 NOTE: Negligible security impact + NOTE: https://github.com/nothings/stb/commit/84b94010a7b08003cc3fb93635582849398e7ae2 + NOTE: https://github.com/nothings/stb/commit/96fe76c21308653d22672e986dd39506f6871421 + NOTE: https://github.com/nothings/stb/commit/47164e4086c1349ef3042fb04e0f7f7ceaf1fcee + NOTE: https://github.com/nothings/stb/commit/5cfc2a744ad7047cda2396cc67772f313a46093d CVE-2022-28047 RESERVED CVE-2022-28046 @@ -72550,12 +72554,20 @@ CVE-2022-28042 (stb_image.h v2.27 was discovered to contain an heap-based use-af [bullseye] - libstb <no-dsa> (Minor issue) NOTE: https://github.com/nothings/stb/issues/1289 NOTE: https://github.com/nothings/stb/pull/1297 + NOTE: https://github.com/nothings/stb/commit/84b94010a7b08003cc3fb93635582849398e7ae2 + NOTE: https://github.com/nothings/stb/commit/96fe76c21308653d22672e986dd39506f6871421 + NOTE: https://github.com/nothings/stb/commit/47164e4086c1349ef3042fb04e0f7f7ceaf1fcee + NOTE: https://github.com/nothings/stb/commit/5cfc2a744ad7047cda2396cc67772f313a46093d CVE-2022-28041 (stb_image.h v2.27 was discovered to contain an integer overflow via th ...) {DLA-3305-1} - libstb <unfixed> (bug #1014531) [bullseye] - libstb <no-dsa> (Minor issue) NOTE: https://github.com/nothings/stb/issues/1292 NOTE: https://github.com/nothings/stb/pull/1297 + NOTE: https://github.com/nothings/stb/commit/84b94010a7b08003cc3fb93635582849398e7ae2 + NOTE: https://github.com/nothings/stb/commit/96fe76c21308653d22672e986dd39506f6871421 + NOTE: https://github.com/nothings/stb/commit/47164e4086c1349ef3042fb04e0f7f7ceaf1fcee + NOTE: https://github.com/nothings/stb/commit/5cfc2a744ad7047cda2396cc67772f313a46093d CVE-2022-28040 RESERVED CVE-2022-28039 @@ -241726,6 +241738,7 @@ CVE-2019-19450 RESERVED CVE-2019-19449 (In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image c ...) - linux <unfixed> + [bookworm] - linux <postponed> (Minor issue, revisit once fixed upstream) [bullseye] - linux <postponed> (Minor issue, revisit once fixed upstream) [buster] - linux <postponed> (Minor issue, revisit once fixed upstream) [stretch] - linux <ignored> (f2fs is not supportable) @@ -254720,6 +254733,7 @@ CVE-2019-16061 (A number of files on the NETSAS Enigma NMS server 65.0.0 and pri NOT-FOR-US: NETSAS Enigma NMS CVE-2019-16089 (An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_s ...) - linux <unfixed> + [bookworm] - linux <postponed> (Minor issue, revisit when fixed upstream) [bullseye] - linux <postponed> (Minor issue, revisit when fixed upstream) [buster] - linux <postponed> (Minor issue, revisit when fixed upstream) [stretch] - linux <not-affected> (Vulnerable code not present) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2f59193df95c9ac4637121512c01c969d94950d9 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2f59193df95c9ac4637121512c01c969d94950d9 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits