[Git][security-tracker-team/security-tracker][master] sane-backends: stretch already mitigated
Sylvain Beucler
beuc at debian.org
Wed Aug 12 16:25:40 BST 2020
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c2ad44bf by Sylvain Beucler at 2020-08-12T17:24:40+02:00
sane-backends: stretch already mitigated
CVE-2020-12861,CVE-2020-12864,CVE-2020-12866
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10880,6 +10880,7 @@ CVE-2020-12866 (A NULL pointer dereference in SANE Backends before 1.0.30 allows
[experimental] - sane-backends 1.0.30-1~experimental1
- sane-backends <unfixed> (bug #961302)
[buster] - sane-backends <no-dsa> (Minor issue)
+ [stretch] - sane-backends <ignored> (already mitigated, auto-discovery for unsupported network access added in 1.0.27)
[jessie] - sane-backends <not-affected> (epsonds backend was added in 1.0.25)
NOTE: https://gitlab.com/sane-project/backends/-/issues/279
NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-2-ghsl-2020-079-null-pointer-dereference-in-epsonds_net_read
@@ -10899,6 +10900,7 @@ CVE-2020-12864 (An out-of-bounds read in SANE Backends before 1.0.30 may allow a
[experimental] - sane-backends 1.0.30-1~experimental1
- sane-backends <unfixed> (bug #961302)
[buster] - sane-backends <no-dsa> (Minor issue)
+ [stretch] - sane-backends <ignored> (already mitigated, auto-discovery for unsupported network access added in 1.0.27)
[jessie] - sane-backends <not-affected> (epsonds backend was added in 1.0.25)
NOTE: https://gitlab.com/sane-project/backends/-/issues/279
NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-4-ghsl-2020-081-reading-uninitialized-data-in-epsonds_net_read
@@ -10927,6 +10929,7 @@ CVE-2020-12861 (A heap buffer overflow in SANE Backends before 1.0.30 allows a m
[experimental] - sane-backends 1.0.30-1~experimental1
- sane-backends <unfixed> (bug #961302)
[buster] - sane-backends <no-dsa> (Minor issue)
+ [stretch] - sane-backends <ignored> (already mitigated, auto-discovery for unsupported network access added in 1.0.27)
[jessie] - sane-backends <not-affected> (epsonds backend was added in 1.0.25)
NOTE: https://gitlab.com/sane-project/backends/-/issues/279
NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-3-ghsl-2020-080-heap-buffer-overflow-in-epsonds_net_read
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c2ad44bf7c81a5877acd8df508d65f4e6295b67a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c2ad44bf7c81a5877acd8df508d65f4e6295b67a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200812/05578bb1/attachment.html>
More information about the debian-security-tracker-commits
mailing list