[Git][security-tracker-team/security-tracker][master] Add CVE-2018-20847/openjpeg2

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
182ed0fc by Salvatore Bonaccorso at 2019-06-30T19:16:22Z
Add CVE-2018-20847/openjpeg2

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -242,7 +242,10 @@ CVE-2019-12967
 CVE-2019-12966 (FeHelper through 2019-06-19 allows arbitrary code execution during a J ...)
 	NOT-FOR-US: FeHelper
 CVE-2018-20847 (An improper computation of p_tx0, p_tx1, p_ty0 and p_ty1 in the functi ...)
-	TODO: check
+	- openjpeg2 <unfixed>
+	NOTE: https://github.com/uclouvain/openjpeg/commit/5d00b719f4b93b1445e6fb4c766b9a9883c57949
+	NOTE: https://github.com/uclouvain/openjpeg/issues/431
+	NOTE: https://github.com/uclouvain/openjpeg/commit/c58df149900df862806d0e892859b41115875845
 CVE-2018-20846 (Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi ...)
 	- openjpeg2 <unfixed> (unimportant)
 	NOTE: https://github.com/uclouvain/openjpeg/commit/c277159986c80142180fbe5efb256bbf3bdf3edc



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/182ed0fcfcd43b284c19d57c5cc58390c8807d30

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/182ed0fcfcd43b284c19d57c5cc58390c8807d30
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190630/8d9a6f3d/attachment-0001.html>