[Git][security-tracker-team/security-tracker][master] 3 commits: Mark CVE-2020-12268/jbig2dec as no-dsa for Jessie
Dylan Aïssi
daissi at debian.org
Sun May 3 14:25:41 BST 2020
Dylan Aïssi pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f6619424 by Dylan Aïssi at 2020-05-03T15:23:50+02:00
Mark CVE-2020-12268/jbig2dec as no-dsa for Jessie
- - - - -
142f45db by Dylan Aïssi at 2020-05-03T15:24:48+02:00
dla-needed: remove jbig2dec, only minor issue (no-dsa)
- - - - -
36d7340b by Dylan Aïssi at 2020-05-03T15:25:21+02:00
Merge branch 'master' of salsa.debian.org:security-tracker-team/security-tracker
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -804,6 +804,7 @@ CVE-2020-12269
RESERVED
CVE-2020-12268 (jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 h ...)
- jbig2dec 0.18-1
+ [jessie] - jbig2dec <no-dsa> (Minor issue)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20332
NOTE: https://github.com/ArtifexSoftware/jbig2dec/commit/0726320a4b55078e9d8deb590e477d598b3da66e
CVE-2020-12267 (setMarkdown in Qt before 5.14.2 has a use-after-free related to QTextM ...)
=====================================
data/dla-needed.txt
=====================================
@@ -29,8 +29,6 @@ bluez
condor
NOTE: 20200502: Upstream has only released workarounds; complete fix is still embargoed (roberto)
--
-jbig2dec (Dylan Aïssi)
---
libdatetime-timezone-perl (Emilio)
--
libmatio (Adrian Bunk)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/25aeb37abcd60226a96caabad96eeea14121aaf0...36d7340bcf7410425d9b43b89427f76dde313e46
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/25aeb37abcd60226a96caabad96eeea14121aaf0...36d7340bcf7410425d9b43b89427f76dde313e46
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200503/ce813af1/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list