[Git][security-tracker-team/security-tracker][master] sane-backends: stretch already mitigated

Sylvain Beucler beuc at debian.org
Wed Aug 12 16:25:40 BST 2020



Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c2ad44bf by Sylvain Beucler at 2020-08-12T17:24:40+02:00
sane-backends: stretch already mitigated
CVE-2020-12861,CVE-2020-12864,CVE-2020-12866

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10880,6 +10880,7 @@ CVE-2020-12866 (A NULL pointer dereference in SANE Backends before 1.0.30 allows
 	[experimental] - sane-backends 1.0.30-1~experimental1
 	- sane-backends <unfixed> (bug #961302)
 	[buster] - sane-backends <no-dsa> (Minor issue)
+	[stretch] - sane-backends <ignored> (already mitigated, auto-discovery for unsupported network access added in 1.0.27)
 	[jessie] - sane-backends <not-affected> (epsonds backend was added in 1.0.25)
 	NOTE: https://gitlab.com/sane-project/backends/-/issues/279
 	NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-2-ghsl-2020-079-null-pointer-dereference-in-epsonds_net_read
@@ -10899,6 +10900,7 @@ CVE-2020-12864 (An out-of-bounds read in SANE Backends before 1.0.30 may allow a
 	[experimental] - sane-backends 1.0.30-1~experimental1
 	- sane-backends <unfixed> (bug #961302)
 	[buster] - sane-backends <no-dsa> (Minor issue)
+	[stretch] - sane-backends <ignored> (already mitigated, auto-discovery for unsupported network access added in 1.0.27)
 	[jessie] - sane-backends <not-affected> (epsonds backend was added in 1.0.25)
 	NOTE: https://gitlab.com/sane-project/backends/-/issues/279
 	NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-4-ghsl-2020-081-reading-uninitialized-data-in-epsonds_net_read
@@ -10927,6 +10929,7 @@ CVE-2020-12861 (A heap buffer overflow in SANE Backends before 1.0.30 allows a m
 	[experimental] - sane-backends 1.0.30-1~experimental1
 	- sane-backends <unfixed> (bug #961302)
 	[buster] - sane-backends <no-dsa> (Minor issue)
+	[stretch] - sane-backends <ignored> (already mitigated, auto-discovery for unsupported network access added in 1.0.27)
 	[jessie] - sane-backends <not-affected> (epsonds backend was added in 1.0.25)
 	NOTE: https://gitlab.com/sane-project/backends/-/issues/279
 	NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-3-ghsl-2020-080-heap-buffer-overflow-in-epsonds_net_read



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c2ad44bf7c81a5877acd8df508d65f4e6295b67a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c2ad44bf7c81a5877acd8df508d65f4e6295b67a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200812/05578bb1/attachment.html>


More information about the debian-security-tracker-commits mailing list