Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9d0ab439 by Moritz Muehlenhoff at 2021-07-01T13:32:54+02:00
libavif already fixed in sid
glibc no-dsa
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -42,7 +42,7 @@ CVE-2021-36081 (Tesseract OCR 5.0.0-alpha-20201231 has a
one_ell_conflict use-af
CVE-2021-36080 (GNU LibreDWG 0.12.3.4163 through 0.12.3.4191 has a double-free
in bit_ ...)
- libredwg <itp> (bug #595191)
CVE-2020-36407 (libavif 0.8.0 and 0.8.1 has an out-of-bounds write in
avifDecoderDataF ...)
- - libavif <unfixed>
+ - libavif 0.8.2-1
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24811
NOTE:
https://github.com/AOMediaCodec/libavif/commit/0a8e7244d494ae98e9756355dfbfb6697ded2ff9
NOTE:
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libavif/OSV-2020-1597.yaml
@@ -378,6 +378,8 @@ CVE-2021-35943
CVE-2021-35942 [Wild read in wordexp (parse_param)]
RESERVED
- glibc <unfixed>
+ [bullseye] - glibc <no-dsa> (Minor issue)
+ [buster] - glibc <no-dsa> (Minor issue)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=28011
NOTE:
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
CVE-2021-35941 (Western Digital WD My Book Live (2.x and later) and WD My Book
Live Du ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9d0ab4396a35e37c15251e438ec90558bd2e56cd
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9d0ab4396a35e37c15251e438ec90558bd2e56cd
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
