[Git][security-tracker-team/security-tracker][master] Track fixed versions fixed in unstable for openexr

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f1ea57ff by Salvatore Bonaccorso at 2020-08-22T09:40:33+02:00
Track fixed versions fixed in unstable for openexr

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -19107,17 +19107,17 @@ CVE-2020-15307 (Nozomi Guardian before 19.0.4 allows attackers to achieve stored
 	NOT-FOR-US: Nozomi Guardian
 CVE-2020-15306 (An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount a ...)
 	[experimental] - openexr 2.5.2-1
-	- openexr <unfixed>
+	- openexr 2.5.3-2
 	[jessie] - openexr <no-dsa> (Minor issue)
 	NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/738
 CVE-2020-15305 (An issue was discovered in OpenEXR before 2.5.2. Invalid input could c ...)
 	[experimental] - openexr 2.5.2-1
-	- openexr <unfixed>
+	- openexr 2.5.3-2
 	[jessie] - openexr <no-dsa> (Minor issue)
 	NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/730
 CVE-2020-15304 (An issue was discovered in OpenEXR before 2.5.2. An invalid tiled inpu ...)
 	[experimental] - openexr 2.5.2-1
-	- openexr <unfixed>
+	- openexr 2.5.3-2
 	[buster] - openexr <not-affected> (Vulnerable code not present)
 	[stretch] - openexr <not-affected> (Vulnerable code not present)
 	[jessie] - openexr <no-dsa> (Minor issue)
@@ -29023,53 +29023,53 @@ CVE-2020-11766 (sendfax.php in iFAX AvantFAX before 3.3.6 and HylaFAX Enterprise
 	NOT-FOR-US: iFAX AvantFAX
 CVE-2020-11765 (An issue was discovered in OpenEXR before 2.4.1. There is an off-by-on ...)
 	[experimental] - openexr 2.5.0-1
-	- openexr <unfixed> (bug #959444)
+	- openexr 2.5.3-2 (bug #959444)
 	[jessie] - openexr <no-dsa> (Minor issue)
 	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
 	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/3eda5d70aba127bae9bd6bae9956fcf024b64031
 	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/2ae5f8376b0a6c3e2bb100042f5de79503ba837a
 CVE-2020-11764 (An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bo ...)
 	[experimental] - openexr 2.5.0-1
-	- openexr <unfixed> (bug #959444)
+	- openexr 2.5.3-2 (bug #959444)
 	[jessie] - openexr <no-dsa> (Minor issue)
 	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
 	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/e7c26f6ef5bf7ae8ea21ecf19963186cd1391720
 	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/a6408c90339bdf19f89476578d7f936b741be9b2
 CVE-2020-11763 (An issue was discovered in OpenEXR before 2.4.1. There is an std::vect ...)
 	[experimental] - openexr 2.5.0-1
-	- openexr <unfixed> (bug #959444)
+	- openexr 2.5.3-2 (bug #959444)
 	[jessie] - openexr <no-dsa> (Minor issue)
 	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
 	NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/643/commits/d0303d1785d2a8cb994efee9efa81f8ee4be4c17
 CVE-2020-11762 (An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bo ...)
 	[experimental] - openexr 2.5.0-1
-	- openexr <unfixed> (bug #959444)
+	- openexr 2.5.3-2 (bug #959444)
 	[jessie] - openexr <no-dsa> (Minor issue)
 	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
 	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/3eda5d70aba127bae9bd6bae9956fcf024b64031
 	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/2ae5f8376b0a6c3e2bb100042f5de79503ba837a
 CVE-2020-11761 (An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bo ...)
 	[experimental] - openexr 2.5.0-1
-	- openexr <unfixed> (bug #959444)
+	- openexr 2.5.3-2 (bug #959444)
 	[jessie] - openexr <no-dsa> (Minor issue)
 	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
 	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/b1c34c496b62117115b1089b18a44e0031800a09
 CVE-2020-11760 (An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bo ...)
 	[experimental] - openexr 2.5.0-1
-	- openexr <unfixed> (bug #959444)
+	- openexr 2.5.3-2 (bug #959444)
 	[jessie] - openexr <no-dsa> (Minor issue)
 	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
 	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/37750013830def57f19f3c3b7faaa9fc1dae81b3
 CVE-2020-11759 (An issue was discovered in OpenEXR before 2.4.1. Because of integer ov ...)
 	[experimental] - openexr 2.5.0-1
-	- openexr <unfixed> (bug #959444)
+	- openexr 2.5.3-2 (bug #959444)
 	[jessie] - openexr <no-dsa> (Minor issue)
 	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
 	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/b9997d0c045fa01af3d2e46e1a74b07cc4519446
 	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/acad98d6d3e787f36012a3737c23c42c7f43a00f
 CVE-2020-11758 (An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bo ...)
 	[experimental] - openexr 2.5.0-1
-	- openexr <unfixed> (bug #959444)
+	- openexr 2.5.3-2 (bug #959444)
 	[jessie] - openexr <no-dsa> (Minor issue)
 	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
 	NOTE: https://github.com/AcademySoftwareFoundation/openexr/commit/7a52d40ae23c148f27116cb1f6e897b9143b372c



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f1ea57ff077f5319c47ffc089f528d343bd4c8ec

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f1ea57ff077f5319c47ffc089f528d343bd4c8ec
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200822/50dc9dd6/attachment.html>