[Git][security-tracker-team/security-tracker][master] Add two new CVEs for djvulibre

Thu, 24 Aug 2023 08:53:16 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
27721ef6 by Salvatore Bonaccorso at 2023-08-24T17:52:36+02:00
Add two new CVEs for djvulibre

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -117602,7 +117602,8 @@ CVE-2021-46313 (The binary MP4Box in GPAC v1.0.1 was 
discovered to contain a seg
        NOTE: https://github.com/gpac/gpac/issues/2039
        NOTE: 
https://github.com/gpac/gpac/commit/ee969d3c4c425ecb25999eb68ada616925b58eba 
(v2.0.0)
 CVE-2021-46312 (An issue was discovered IW44EncodeCodec.cpp in djvulibre 
3.5.28 in all ...)
-       TODO: check
+       - djvulibre <unfixed>
+       NOTE: https://sourceforge.net/p/djvu/bugs/344/
 CVE-2021-46311 (A NULL pointer dereference vulnerability exists in GPAC v1.1.0 
via the ...)
        - gpac 2.0.0+dfsg1-2
        [bullseye] - gpac <ignored> (Minor issue)
@@ -117611,7 +117612,8 @@ CVE-2021-46311 (A NULL pointer dereference 
vulnerability exists in GPAC v1.1.0 v
        NOTE: https://github.com/gpac/gpac/issues/2038
        NOTE: 
https://github.com/gpac/gpac/commit/ad19e0c4504a89ca273442b1b1483ae7adfb9491 
(v2.0.0)
 CVE-2021-46310 (An issue was discovered IW44Image.cpp in djvulibre 3.5.28 in 
allows at ...)
-       TODO: check
+       - djvulibre <unfixed>
+       NOTE: https://sourceforge.net/p/djvu/bugs/345/
 CVE-2021-46309 (An SQL Injection vulnerability exists in Sourcecodester 
Employee and V ...)
        NOT-FOR-US: Sourcecodester
 CVE-2021-46308 (An SQL Injection vulnerability exists in Sourcecodester Online 
Railway ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27721ef6f454a92a9ebcb52f28711dc5239a94b6

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27721ef6f454a92a9ebcb52f28711dc5239a94b6
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to