[Git][security-tracker-team/security-tracker][master] bugnums

Wed, 20 Dec 2023 08:01:46 -0800 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
13215d71 by Moritz Muehlenhoff at 2023-12-20T17:00:33+01:00
bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2728,7 +2728,7 @@ CVE-2023-49465 (Libde265 v1.0.14 was discovered to 
contain a heap-buffer-overflo
        - libde265 <unfixed>
        NOTE: https://github.com/strukturag/libde265/issues/435
 CVE-2023-49464 (libheif v1.17.5 was discovered to contain a segmentation 
violation via ...)
-       - libheif <unfixed>
+       - libheif <unfixed> (bug #1059151)
        [bookworm] - libheif <no-dsa> (Minor issue)
        [bullseye] - libheif <no-dsa> (Minor issue)
        [buster] - libheif <not-affected> (Vulnerable code not present)
@@ -2736,21 +2736,21 @@ CVE-2023-49464 (libheif v1.17.5 was discovered to 
contain a segmentation violati
        NOTE: https://github.com/strukturag/libheif/pull/1049
        NOTE: 
https://github.com/strukturag/libheif/commit/2bf226a300951e6897ee7267d0dd379ba5ad7287
 CVE-2023-49463 (libheif v1.17.5 was discovered to contain a segmentation 
violation via ...)
-       - libheif <unfixed>
+       - libheif <unfixed> (bug #1059151)
        [bookworm] - libheif <no-dsa> (Minor issue)
        [bullseye] - libheif <no-dsa> (Minor issue)
        [buster] - libheif <not-affected> (Vulnerable code not present)
        NOTE: https://github.com/strukturag/libheif/issues/1042
        NOTE: 
https://github.com/strukturag/libheif/commit/26ec3953d46bb5756b97955661565bcbc6647abf
 CVE-2023-49462 (libheif v1.17.5 was discovered to contain a segmentation 
violation via ...)
-       - libheif <unfixed>
+       - libheif <unfixed> (bug #1059151)
        [bookworm] - libheif <no-dsa> (Minor issue)
        [bullseye] - libheif <no-dsa> (Minor issue)
        [buster] - libheif <not-affected> (Vulnerable code not present)
        NOTE: https://github.com/strukturag/libheif/issues/1043
        NOTE: 
https://github.com/strukturag/libheif/commit/730a9d80bea3434f75c79e721878cc67f3889969
 CVE-2023-49460 (libheif v1.17.5 was discovered to contain a segmentation 
violation via ...)
-       - libheif <unfixed>
+       - libheif <unfixed> (bug #1059151)
        [bookworm] - libheif <no-dsa> (Minor issue)
        [bullseye] - libheif <no-dsa> (Minor issue)
        [buster] - libheif <not-affected> (Vulnerable code not present)
@@ -235358,25 +235358,25 @@ CVE-2020-24297 (httpd on TP-Link TL-WPA4220 devices 
(versions 2 through 4) allow
 CVE-2020-24296
        RESERVED
 CVE-2020-24295 (Buffer Overflow vulnerability in 
PSDParser.cpp::ReadImageLine() in Fre ...)
-       - freeimage <unfixed>
+       - freeimage <unfixed> (bug #1059152)
        [bookworm] - freeimage <postponed> (Revisit when patches are available)
        [bullseye] - freeimage <postponed> (Revisit when patches are available)
        [buster] - freeimage <postponed> (Revisit when patches are available)
        NOTE: 
https://sourceforge.net/p/freeimage/discussion/36111/thread/afb98701eb/
 CVE-2020-24294 (Buffer Overflow vulnerability in psdParser::UnpackRLE function 
in PSDP ...)
-       - freeimage <unfixed>
+       - freeimage <unfixed> (bug #1059152)
        [bookworm] - freeimage <postponed> (Revisit when patches are available)
        [bullseye] - freeimage <postponed> (Revisit when patches are available)
        [buster] - freeimage <postponed> (Revisit when patches are available)
        NOTE: 
https://sourceforge.net/p/freeimage/discussion/36111/thread/afb98701eb/
 CVE-2020-24293 (Buffer Overflow vulnerability in psdThumbnail::Read in 
PSDParser.cpp i ...)
-       - freeimage <unfixed>
+       - freeimage <unfixed> (bug #1059152)
        [bookworm] - freeimage <postponed> (Revisit when patches are available)
        [bullseye] - freeimage <postponed> (Revisit when patches are available)
        [buster] - freeimage <postponed> (Revisit when patches are available)
        NOTE: 
https://sourceforge.net/p/freeimage/discussion/36111/thread/afb98701eb/
 CVE-2020-24292 (Buffer Overflow vulnerability in load function in 
PluginICO.cpp in Fre ...)
-       - freeimage <unfixed>
+       - freeimage <unfixed> (bug #1059152)
        [bookworm] - freeimage <postponed> (Revisit when patches are available)
        [bullseye] - freeimage <postponed> (Revisit when patches are available)
        [buster] - freeimage <postponed> (Revisit when patches are available)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/13215d71ff790e689024c2d5d2afdcbefabc6412

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/13215d71ff790e689024c2d5d2afdcbefabc6412
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to