Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits: c969a57d by Markus Koschany at 2020-01-05T18:02:52+01:00 CVE-2020-5496,CVE-2020-5395,fontforge: Mark as no-dsa for Jessie Minor issue - - - - - a0e6ba51 by Markus Koschany at 2020-01-05T18:17:39+01:00 Add bug number for fontforge - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -13,9 +13,10 @@ CVE-2020-5498 CVE-2020-5497 (The OpenID Connect reference implementation for MITREid Connect throug ...) NOT-FOR-US: MITREid Connect CVE-2020-5496 (FontForge 20190801 has a heap-based buffer overflow in the Type2NotDef ...) - - fontforge <unfixed> + - fontforge <unfixed> (bug #948231) [buster] - fontforge <no-dsa> (Minor issue) [stretch] - fontforge <no-dsa> (Minor issue) + [jessie] - fontforge <no-dsa> (Minor issue) NOTE: https://github.com/fontforge/fontforge/issues/4085 CVE-2020-5495 RESERVED @@ -218,9 +219,10 @@ CVE-2020-5397 CVE-2020-5396 RESERVED CVE-2020-5395 (FontForge 20190801 has a use-after-free in SFD_GetFontMetaData in sfd. ...) - - fontforge <unfixed> + - fontforge <unfixed> (bug #948231) [buster] - fontforge <no-dsa> (Minor issue) [stretch] - fontforge <no-dsa> (Minor issue) + [jessie] - fontforge <no-dsa> (Minor issue) NOTE: https://github.com/fontforge/fontforge/issues/4084 CVE-2019-20334 (In Netwide Assembler (NASM) 2.14.02, stack consumption occurs in expr# ...) - nasm <unfixed> (unimportant) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/145e165bd1194fde3f3b463ab4c6dc38e297bfe1...a0e6ba5183c69ddbc39a62a1cb9303ef6605f86a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/145e165bd1194fde3f3b463ab4c6dc38e297bfe1...a0e6ba5183c69ddbc39a62a1cb9303ef6605f86a You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits