[Git][security-tracker-team/security-tracker][master] faad2 DSA

Moritz Muehlenhoff (@jmm) Sun, 27 Mar 2022 12:17:28 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
46a79c1c by Moritz Mühlenhoff at 2022-03-27T21:16:46+02:00
faad2 DSA

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -218056,7 +218056,6 @@ CVE-2018-20200 (** DISPUTED ** CertificatePinner.java 
in OkHttp 3.x through 3.12
 CVE-2018-20199 (A NULL pointer dereference was discovered in ifilter_bank of 
libfaad/f ...)
        {DLA-2792-1 DLA-1899-1}
        - faad2 2.8.8-3.1 (low)
-       [buster] - faad2 <no-dsa> (Minor issue)
        NOTE: https://github.com/knik0/faad2/issues/24
        NOTE: 
https://github.com/knik0/faad2/commit/3b80a57483a6bc822d3ce3cc640fa81737a87c54
 CVE-2018-20198 (A NULL pointer dereference was discovered in ifilter_bank of 
libfaad/f ...)
@@ -218074,7 +218073,6 @@ CVE-2018-20197 (There is a stack-based buffer 
underflow in the third instance of
 CVE-2018-20196 (There is a stack-based buffer overflow in the third instance 
of the ca ...)
        {DLA-1899-1}
        - faad2 2.8.8-3.1 (low)
-       [buster] - faad2 <no-dsa> (Minor issue)
        [stretch] - faad2 <no-dsa> (Minor issue)
        NOTE: https://github.com/knik0/faad2/issues/19
        NOTE: 
https://github.com/knik0/faad2/commit/6aeeaa1af0caf986daf22852a97f7c13c5edd879


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,6 @@
+[27 Mar 2022] DSA-5109-1 faad2 - security update
+       {CVE-2018-20196 CVE-2018-20199 CVE-2018-20360 CVE-2019-6956 
CVE-2021-32272 CVE-2021-32273 CVE-2021-32274 CVE-2021-32276 CVE-2021-32277 
CVE-2021-32278}
+       [buster] - faad2 2.10.0-1~deb10u1
 [24 Mar 2022] DSA-5108-1 tiff - security update
        {CVE-2022-0561 CVE-2022-0562 CVE-2022-0865 CVE-2022-0891 CVE-2022-0907 
CVE-2022-0908 CVE-2022-0909 CVE-2022-0924 CVE-2022-22844}
        [buster] - tiff 4.1.0+git191117-2~deb10u4


=====================================
data/dsa-needed.txt
=====================================
@@ -16,8 +16,6 @@ asterisk/oldstable
 --
 condor/oldstable
 --
-faad2/oldstable (jmm)
---
 fish/stable
 --
 freecad (aron)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/46a79c1c8d006e50b74741d49fc30bc09292a067

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/46a79c1c8d006e50b74741d49fc30bc09292a067
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] faad2 DSA

Reply via email to