[Git][security-tracker-team/security-tracker][master] Temporarily track openexr fixes via experimental for CVE-2020-1530{4,5,6}
Salvatore Bonaccorso
carnil at debian.org
Thu Aug 6 22:37:46 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
edc3271c by Salvatore Bonaccorso at 2020-08-06T23:36:55+02:00
Temporarily track openexr fixes via experimental for CVE-2020-1530{4,5,6}
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4501,14 +4501,17 @@ CVE-2020-15308 (Support Incident Tracker (aka SiT! or SiTracker) 3.67 p2 allows
CVE-2020-15307 (Nozomi Guardian before 19.0.4 allows attackers to achieve stored XSS ( ...)
NOT-FOR-US: Nozomi Guardian
CVE-2020-15306 (An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount a ...)
+ [experimental] - openexr 2.5.2-1
- openexr <unfixed>
[jessie] - openexr <no-dsa> (Minor issue)
NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/738
CVE-2020-15305 (An issue was discovered in OpenEXR before 2.5.2. Invalid input could c ...)
+ [experimental] - openexr 2.5.2-1
- openexr <unfixed>
[jessie] - openexr <no-dsa> (Minor issue)
NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/730
CVE-2020-15304 (An issue was discovered in OpenEXR before 2.5.2. An invalid tiled inpu ...)
+ [experimental] - openexr 2.5.2-1
- openexr <unfixed>
[buster] - openexr <not-affected> (Vulnerable code not present)
[stretch] - openexr <not-affected> (Vulnerable code not present)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/edc3271cdc075ba03e97ae74ede1527283f59c78
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/edc3271cdc075ba03e97ae74ede1527283f59c78
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200806/4289ea1e/attachment.html>
More information about the debian-security-tracker-commits
mailing list