[Git][security-tracker-team/security-tracker][master] new chromium issue fixed in sid

Moritz Muehlenhoff jmm at debian.org
Tue Jun 23 09:00:51 BST 2020 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
08a1417b by Moritz Muehlenhoff at 2020-06-23T10:00:37+02:00
new chromium issue fixed in sid
jpeg triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2024,9 +2024,13 @@ CVE-2020-14154 (Mutt before 1.14.3 proceeds with a connection even if, in respon
 	NOTE: https://gitlab.com/muttmua/mutt/commit/f64ec1deefb67d471a642004e102cd1c501a1db3
 	NOTE: Negligible security impact
 CVE-2020-14153 (In IJG JPEG (aka libjpeg) before 9d, jdhuff.c has an out-of-bounds arr ...)
-	TODO: check
+	- libjpeg9 1:9d-1
+	- libjpeg-turbo <undetermined>
+	NOTE: Not clear what the exact change is between 9c and 9d and whether it applies to -turbo
 CVE-2020-14152 (In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs. ...)
-	TODO: check
+	- libjpeg9 1:9d-1 (low)
+	- libjpeg-turbo <unfixed> (low)
+	TODO: report to libjpeg-turbo upstream
 CVE-2020-14151 (In IJG JPEG (aka libjpeg) before 9d, read_*_pixel() in rdtarga.c in cj ...)
 	NOTE: Duplicate of CVE-2018-11813, should be rejected
 CVE-2020-14150 (GNU Bison before 3.5.4 allows attackers to cause a denial of service ( ...)
@@ -22040,6 +22044,8 @@ CVE-2020-6510
 	RESERVED
 CVE-2020-6509
 	RESERVED
+	- chromium 83.0.4103.116-1
+	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2020-6508
 	RESERVED
 CVE-2020-6507



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/08a1417b534b1ad5b0c5757c2472a8229b594f56

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/08a1417b534b1ad5b0c5757c2472a8229b594f56
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200623/ef6c3cd5/attachment.html>

More information about the debian-security-tracker-commits mailing list