Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits: 092a9201 by Chris Lamb at 2020-07-09T10:53:58+01:00 Triage CVE-2020-15503 in libraw for stretch LTS (thumbnailing code added later) - - - - - 20fee37f by Chris Lamb at 2020-07-09T10:54:02+01:00 data/dla-needed.txt: Triage gosa for stretch LTS. - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -330,6 +330,7 @@ CVE-2020-15504 CVE-2020-15503 (LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affect ...) - libraw <unfixed> [buster] - libraw <no-dsa> (Minor issue) + [stretch] - libraw <not-affected> (Thumbnailing code not present) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1853477 NOTE: https://github.com/LibRaw/LibRaw/commit/20ad21c0d87ca80217aee47533d91e633ce1864d CVE-2020-15502 (** DISPUTED ** The DuckDuckGo application through 5.58.0 for Android, ...) ===================================== data/dla-needed.txt ===================================== @@ -67,6 +67,8 @@ freerdp -- glib-networking (Emilio) -- +gosa +-- gupnp -- imagemagick (Markus Koschany) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2dc55faf90d1d6accae659fa07c34447f406b751...20fee37f67c5a36c26d463ad219a462afce257bc -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2dc55faf90d1d6accae659fa07c34447f406b751...20fee37f67c5a36c26d463ad219a462afce257bc You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits