[Git][security-tracker-team/security-tracker][master] Map specific GHSL issues for sane-backends directly to assigned CVEs
Salvatore Bonaccorso
carnil at debian.org
Mon Jun 1 08:28:11 BST 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3f12e361 by Salvatore Bonaccorso at 2020-06-01T09:27:25+02:00
Map specific GHSL issues for sane-backends directly to assigned CVEs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1801,6 +1801,7 @@ CVE-2020-12867
[experimental] - sane-backends 1.0.30-1~experimental1
- sane-backends <unfixed> (bug #961302)
NOTE: https://gitlab.com/sane-project/backends/-/issues/279
+ NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-1-ghsl-2020-075-null-pointer-dereference-in-sanei_epson_net_read
NOTE: https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
CVE-2020-12866
RESERVED
@@ -1808,6 +1809,7 @@ CVE-2020-12866
- sane-backends <unfixed> (bug #961302)
[jessie] - sane-backends <not-affected> (epsonds backend was added in 1.0.25)
NOTE: https://gitlab.com/sane-project/backends/-/issues/279
+ NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-2-ghsl-2020-079-null-pointer-dereference-in-epsonds_net_read
NOTE: https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
CVE-2020-12865
RESERVED
@@ -1815,6 +1817,7 @@ CVE-2020-12865
- sane-backends <unfixed> (bug #961302)
[jessie] - sane-backends <not-affected> (epsonds backend was added in 1.0.25)
NOTE: https://gitlab.com/sane-project/backends/-/issues/279
+ NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-9-ghsl-2020-084-buffer-overflow-in-esci2_img
NOTE: https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
CVE-2020-12864
RESERVED
@@ -1822,6 +1825,7 @@ CVE-2020-12864
- sane-backends <unfixed> (bug #961302)
[jessie] - sane-backends <not-affected> (epsonds backend was added in 1.0.25)
NOTE: https://gitlab.com/sane-project/backends/-/issues/279
+ NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-4-ghsl-2020-081-reading-uninitialized-data-in-epsonds_net_read
NOTE: https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
CVE-2020-12863
RESERVED
@@ -1829,6 +1833,7 @@ CVE-2020-12863
- sane-backends <unfixed> (bug #961302)
[jessie] - sane-backends <not-affected> (epsonds backend was added in 1.0.25)
NOTE: https://gitlab.com/sane-project/backends/-/issues/279
+ NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-7-ghsl-2020-083-out-of-bounds-read-in-esci2_check_header
NOTE: https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
CVE-2020-12862
RESERVED
@@ -1836,6 +1841,7 @@ CVE-2020-12862
- sane-backends <unfixed> (bug #961302)
[jessie] - sane-backends <not-affected> (epsonds backend was added in 1.0.25)
NOTE: https://gitlab.com/sane-project/backends/-/issues/279
+ NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-5-ghsl-2020-082-out-of-bounds-read-in-decode_binary
NOTE: https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
CVE-2020-12861
RESERVED
@@ -1843,6 +1849,7 @@ CVE-2020-12861
- sane-backends <unfixed> (bug #961302)
[jessie] - sane-backends <not-affected> (epsonds backend was added in 1.0.25)
NOTE: https://gitlab.com/sane-project/backends/-/issues/279
+ NOTE: https://gitlab.com/sane-project/backends/-/issues/279#issue-3-ghsl-2020-080-heap-buffer-overflow-in-epsonds_net_read
NOTE: https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html
CVE-2020-12860 (COVIDSafe through v1.0.17 allows a remote attacker to access phone nam ...)
NOT-FOR-US: COVIDSafe
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f12e3611ab7a319a611761f4a42c46df53b210d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f12e3611ab7a319a611761f4a42c46df53b210d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200601/7eab7c85/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list