[Git][security-tracker-team/security-tracker][master] 3 commits: Mark CVE-2020-12268/jbig2dec as no-dsa for Jessie

Dylan Aïssi daissi at debian.org
Sun May 3 14:25:41 BST 2020



Dylan Aïssi pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f6619424 by Dylan Aïssi at 2020-05-03T15:23:50+02:00
Mark CVE-2020-12268/jbig2dec as no-dsa for Jessie

- - - - -
142f45db by Dylan Aïssi at 2020-05-03T15:24:48+02:00
dla-needed: remove jbig2dec, only minor issue (no-dsa)

- - - - -
36d7340b by Dylan Aïssi at 2020-05-03T15:25:21+02:00
Merge branch 'master' of salsa.debian.org:security-tracker-team/security-tracker

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -804,6 +804,7 @@ CVE-2020-12269
 	RESERVED
 CVE-2020-12268 (jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 h ...)
 	- jbig2dec 0.18-1
+	[jessie] - jbig2dec <no-dsa> (Minor issue)
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20332
 	NOTE: https://github.com/ArtifexSoftware/jbig2dec/commit/0726320a4b55078e9d8deb590e477d598b3da66e
 CVE-2020-12267 (setMarkdown in Qt before 5.14.2 has a use-after-free related to QTextM ...)


=====================================
data/dla-needed.txt
=====================================
@@ -29,8 +29,6 @@ bluez
 condor
   NOTE: 20200502: Upstream has only released workarounds; complete fix is still embargoed (roberto)
 --
-jbig2dec (Dylan Aïssi)
---
 libdatetime-timezone-perl (Emilio)
 --
 libmatio (Adrian Bunk)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/25aeb37abcd60226a96caabad96eeea14121aaf0...36d7340bcf7410425d9b43b89427f76dde313e46

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/25aeb37abcd60226a96caabad96eeea14121aaf0...36d7340bcf7410425d9b43b89427f76dde313e46
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200503/ce813af1/attachment-0001.html>


More information about the debian-security-tracker-commits mailing list