Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
30068ece by Ola Lundqvist at 2024-04-11T22:11:20+02:00
Removed postpone tag for buster freeimage CVE since patch is available in
fedora.
The postpone tag should probably be removed for later releases as well but
that is not up to the LTS team to decide so keeping them.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -262807,7 +262807,6 @@ CVE-2020-24292 (Buffer Overflow vulnerability in load
function in PluginICO.cpp
- freeimage <unfixed> (bug #1059152)
[bookworm] - freeimage <postponed> (Revisit when patches are available)
[bullseye] - freeimage <postponed> (Revisit when patches are available)
- [buster] - freeimage <postponed> (Revisit when patches are available)
NOTE:
https://sourceforge.net/p/freeimage/discussion/36111/thread/afb98701eb/
NOTE: Patch in Fedora (not upstream'ed):
https://src.fedoraproject.org/rpms/freeimage/blob/f39/f/CVE-2020-24292.patch
CVE-2020-24291
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30068ece2273e922e99bed42fdc80af1d470d01f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30068ece2273e922e99bed42fdc80af1d470d01f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
