[Git][security-tracker-team/security-tracker][master] jessie libmatio triaging

Adrian Bunk bunk at debian.org
Tue Jun 30 18:15:23 BST 2020



Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dfefebae by Adrian Bunk at 2020-06-30T20:12:16+03:00
jessie libmatio triaging

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -29429,10 +29429,9 @@ CVE-2019-20053 (An invalid memory address dereference was discovered in the canU
 	NOTE: https://github.com/upx/upx/issues/314
 	NOTE: https://github.com/upx/upx/commit/819c33fee2b2c33b96bef27a13cb20f2589819aa
 CVE-2019-20052 (A memory leak was discovered in Mat_VarCalloc in mat.c in matio 1.5.17 ...)
-	- libmatio <unfixed>
-	[buster] - libmatio <no-dsa> (Minor issue)
-	[stretch] - libmatio <no-dsa> (Minor issue)
+	- libmatio 1.5.2-3
 	NOTE: https://github.com/tbeu/matio/issues/131
+	NOTE: Vulnerability was not in any released version
 CVE-2019-20051 (A floating-point exception was discovered in PackLinuxElf::elf_hash in ...)
 	- upx-ucl 3.96-1 (unimportant)
 	NOTE: https://github.com/upx/upx/issues/313
@@ -29527,21 +29526,25 @@ CVE-2019-20020 (A stack-based buffer over-read was discovered in ReadNextStructF
 	- libmatio <unfixed>
 	[buster] - libmatio <no-dsa> (Minor issue)
 	[stretch] - libmatio <no-dsa> (Minor issue)
+	[jessie] - libmatio <no-dsa> (Minor issue)
 	NOTE: https://github.com/tbeu/matio/issues/128
 CVE-2019-20019 (An attempted excessive memory allocation was discovered in Mat_VarRead ...)
 	- libmatio <unfixed>
 	[buster] - libmatio <no-dsa> (Minor issue)
 	[stretch] - libmatio <no-dsa> (Minor issue)
+	[jessie] - libmatio <no-dsa> (Minor issue)
 	NOTE: https://github.com/tbeu/matio/issues/130
 CVE-2019-20018 (A stack-based buffer over-read was discovered in ReadNextCell in mat5. ...)
 	- libmatio <unfixed>
 	[buster] - libmatio <no-dsa> (Minor issue)
 	[stretch] - libmatio <no-dsa> (Minor issue)
+	[jessie] - libmatio <no-dsa> (Minor issue)
 	NOTE: https://github.com/tbeu/matio/issues/129
 CVE-2019-20017 (A stack-based buffer over-read was discovered in Mat_VarReadNextInfo5  ...)
 	- libmatio <unfixed>
 	[buster] - libmatio <no-dsa> (Minor issue)
 	[stretch] - libmatio <no-dsa> (Minor issue)
+	[jessie] - libmatio <no-dsa> (Minor issue)
 	NOTE: https://github.com/tbeu/matio/issues/127
 CVE-2019-20016 (libmysofa before 2019-11-24 does not properly restrict recursive funct ...)
 	- libmysofa 0.9~dfsg0-1
@@ -59206,6 +59209,7 @@ CVE-2019-13107 (Multiple integer overflows exist in MATIO before 1.5.16, related
 	- libmatio 1.5.17-3 (bug #931323)
 	[buster] - libmatio <no-dsa> (Minor issue)
 	[stretch] - libmatio <no-dsa> (Minor issue)
+	[jessie] - libmatio <no-dsa> (Minor issue, hard to backport)
 	NOTE: Several commits between 1.5.15..1.5.16: https://github.com/tbeu/matio/compare/f8cd397...fabac6c
 CVE-2019-13106 (Das U-Boot versions 2016.09 through 2019.07-rc4 can memset() too much  ...)
 	- u-boot 2020.01+dfsg-1 (low)
@@ -71656,18 +71660,21 @@ CVE-2019-9039 (In Couchbase Sync Gateway 2.1.2, an attacker with access to the S
 CVE-2019-9038 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
 	- libmatio 1.5.13-2 (low; bug #924185)
 	[stretch] - libmatio <no-dsa> (Minor issue)
+	[jessie] - libmatio <no-dsa> (Minor issue, hard to backport)
 	NOTE: https://github.com/tbeu/matio/issues/103
 	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
 	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
 CVE-2019-9037 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
 	- libmatio 1.5.13-2 (low; bug #924185)
 	[stretch] - libmatio <no-dsa> (Minor issue)
+	[jessie] - libmatio <no-dsa> (Minor issue, hard to backport)
 	NOTE: https://github.com/tbeu/matio/issues/103
 	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
 	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
 CVE-2019-9036 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
 	- libmatio 1.5.13-2 (low; bug #924185)
 	[stretch] - libmatio <no-dsa> (Minor issue)
+	[jessie] - libmatio <no-dsa> (Minor issue, hard to backport)
 	NOTE: https://github.com/tbeu/matio/issues/103
 	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
 	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
@@ -71676,60 +71683,70 @@ CVE-2019-9036 (An issue was discovered in libmatio.a in matio (aka MAT File I/O
 CVE-2019-9035 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
 	- libmatio 1.5.13-2 (low; bug #924185)
 	[stretch] - libmatio <no-dsa> (Minor issue)
+	[jessie] - libmatio <no-dsa> (Minor issue, hard to backport)
 	NOTE: https://github.com/tbeu/matio/issues/103
 	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
 	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
 CVE-2019-9034 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
 	- libmatio 1.5.13-2 (low; bug #924185)
 	[stretch] - libmatio <no-dsa> (Minor issue)
+	[jessie] - libmatio <no-dsa> (Minor issue, hard to backport)
 	NOTE: https://github.com/tbeu/matio/issues/103
 	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
 	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
 CVE-2019-9033 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
 	- libmatio 1.5.13-2 (low; bug #924185)
 	[stretch] - libmatio <no-dsa> (Minor issue)
+	[jessie] - libmatio <no-dsa> (Minor issue, hard to backport)
 	NOTE: https://github.com/tbeu/matio/issues/103
 	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
 	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
 CVE-2019-9032 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
 	- libmatio 1.5.13-2 (low; bug #924185)
 	[stretch] - libmatio <no-dsa> (Minor issue)
+	[jessie] - libmatio <no-dsa> (Minor issue, hard to backport)
 	NOTE: https://github.com/tbeu/matio/issues/103
 	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
 	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
 CVE-2019-9031 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
 	- libmatio 1.5.13-2 (low; bug #924185)
 	[stretch] - libmatio <no-dsa> (Minor issue)
+	[jessie] - libmatio <no-dsa> (Minor issue, hard to backport)
 	NOTE: https://github.com/tbeu/matio/issues/103
 	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
 	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
 CVE-2019-9030 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
 	- libmatio 1.5.13-2 (low; bug #924185)
 	[stretch] - libmatio <no-dsa> (Minor issue)
+	[jessie] - libmatio <no-dsa> (Minor issue, hard to backport)
 	NOTE: https://github.com/tbeu/matio/issues/103
 	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
 	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
 CVE-2019-9029 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
 	- libmatio 1.5.13-2 (low; bug #924185)
 	[stretch] - libmatio <no-dsa> (Minor issue)
+	[jessie] - libmatio <no-dsa> (Minor issue, hard to backport)
 	NOTE: https://github.com/tbeu/matio/issues/103
 	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
 	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
 CVE-2019-9028 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
 	- libmatio 1.5.13-2 (low; bug #924185)
 	[stretch] - libmatio <no-dsa> (Minor issue)
+	[jessie] - libmatio <no-dsa> (Minor issue, hard to backport)
 	NOTE: https://github.com/tbeu/matio/issues/103
 	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
 	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
 CVE-2019-9027 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
 	- libmatio 1.5.13-2 (low; bug #924185)
 	[stretch] - libmatio <no-dsa> (Minor issue)
+	[jessie] - libmatio <no-dsa> (Minor issue, hard to backport)
 	NOTE: https://github.com/tbeu/matio/issues/103
 	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
 	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
 CVE-2019-9026 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
 	- libmatio 1.5.13-2 (low; bug #924185)
 	[stretch] - libmatio <no-dsa> (Minor issue)
+	[jessie] - libmatio <no-dsa> (Minor issue, hard to backport)
 	NOTE: https://github.com/tbeu/matio/issues/103
 	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
 	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dfefebaeae69692d399676132444ea796a3fba67

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dfefebaeae69692d399676132444ea796a3fba67
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200630/59e9de0e/attachment.html>


More information about the debian-security-tracker-commits mailing list