[Git][security-tracker-team/security-tracker][master] Add CVE-2018-20846/openjpeg2
Salvatore Bonaccorso
carnil at debian.org
Sun Jun 30 20:13:17 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a8725973 by Salvatore Bonaccorso at 2019-06-30T19:12:23Z
Add CVE-2018-20846/openjpeg2
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -244,7 +244,9 @@ CVE-2019-12966 (FeHelper through 2019-06-19 allows arbitrary code execution duri
CVE-2018-20847 (An improper computation of p_tx0, p_tx1, p_ty0 and p_ty1 in the functi ...)
TODO: check
CVE-2018-20846 (Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi ...)
- TODO: check
+ - openjpeg2 <unfixed> (unimportant)
+ NOTE: https://github.com/uclouvain/openjpeg/commit/c277159986c80142180fbe5efb256bbf3bdf3edc
+ NOTE: Debian binary packages built with BUILD_MJ2:BOOL=OFF
CVE-2018-20845 (Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_nex ...)
- openjpeg2 <unfixed> (unimportant)
NOTE: https://github.com/uclouvain/openjpeg/commit/c5bd64ea146162967c29bd2af0cbb845ba3eaaaf (2.3.1)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a8725973ea1fb1d1711b73b534d5b53a35e03036
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a8725973ea1fb1d1711b73b534d5b53a35e03036
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190630/2c40a98a/attachment.html>
More information about the debian-security-tracker-commits
mailing list