[Git][security-tracker-team/security-tracker][master] Add CVE-2018-20845/openjpeg2

Sun Jun 30 20:05:11 BST 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2278638c by Salvatore Bonaccorso at 2019-06-30T19:04:23Z
Add CVE-2018-20845/openjpeg2

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -246,7 +246,9 @@ CVE-2018-20847 (An improper computation of p_tx0, p_tx1, p_ty0 and p_ty1 in the
 CVE-2018-20846 (Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi ...)
 	TODO: check
 CVE-2018-20845 (Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_nex ...)
-	TODO: check
+	- openjpeg2 <unfixed> (unimportant)
+	NOTE: https://github.com/uclouvain/openjpeg/commit/c5bd64ea146162967c29bd2af0cbb845ba3eaaaf (2.3.1)
+	NOTE: Debian binary packages built with BUILD_MJ2:BOOL=OFF
 CVE-2018-20844
 	RESERVED
 CVE-2019-13031 (LemonLDAP::NG before 1.9.20 has an XML External Entity (XXE) issue whe ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2278638c1d229b752c1652375bbbd8f3b621d08c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2278638c1d229b752c1652375bbbd8f3b621d08c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190630/17bfce0c/attachment.html>
