[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Aug 14 21:10:27 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2ee8df1d by security tracker role at 2021-08-14T20:10:19+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1357,6 +1357,7 @@ CVE-2021-38115 (read_header_tga in gd_tga.c in the GD Graphics Library (aka LibG
 	NOTE: https://github.com/libgd/libgd/issues/697
 	NOTE: https://github.com/libgd/libgd/commit/8b111b2b4a4842179be66db68d84dda91a246032
 CVE-2021-38114 (libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of ...)
+	{DLA-2742-1}
 	- ffmpeg <unfixed>
 	[bullseye] - ffmpeg <postponed> (Wait for 4.3.3)
 	[buster] - ffmpeg <postponed> (Wait for 4.1.7)
@@ -11637,6 +11638,7 @@ CVE-2021-33586 (InspIRCd 3.8.0 through 3.9.x before 3.10.0 allows any user (able
 	NOTE: https://docs.inspircd.org/security/2021-01/
 	NOTE: https://github.com/inspircd/inspircd/commit/4350a11c663b0d75f8119743bffb7736d87abd4d
 CVE-2021-3566 (Prior to ffmpeg version 4.3, the tty demuxer did not have a 'read_prob ...)
+	{DLA-2742-1}
 	- ffmpeg 7:4.3-2
 	[buster] - ffmpeg <postponed> (Wait for 4.1.7)
 	NOTE: https://github.com/FFmpeg/FFmpeg/commit/3bce9e9b3ea35c54bacccc793d7da99ea5157532
@@ -70315,6 +70317,7 @@ CVE-2020-22037 (A Denial of Service vulnerability exists in FFmpeg 4.2 due to a
 	- ffmpeg <unfixed> (unimportant)
 	NOTE: https://trac.ffmpeg.org/ticket/8281
 CVE-2020-22036 (A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in fil ...)
+	{DLA-2742-1}
 	- ffmpeg 7:4.3-2
 	[buster] - ffmpeg <postponed> (Wait for 4.1.7)
 	NOTE: https://trac.ffmpeg.org/ticket/8261
@@ -70339,11 +70342,13 @@ CVE-2020-22033 (A heap-based Buffer Overflow Vulnerability exists FFmpeg 4.2 at
 	NOTE: https://trac.ffmpeg.org/ticket/8241
 	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=82ad1b76751bcfad5005440db48c46a4de5d6f02
 CVE-2020-22032 (A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2 at libavf ...)
+	{DLA-2742-1}
 	- ffmpeg 7:4.3-2
 	[buster] - ffmpeg <postponed> (Wait for 4.1.7)
 	NOTE: https://trac.ffmpeg.org/ticket/8275
 	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=de598f82f8c3f8000e1948548e8088148e2b1f44
 CVE-2020-22031 (A Heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at lib ...)
+	{DLA-2742-1}
 	- ffmpeg 7:4.3-2
 	[buster] - ffmpeg <postponed> (Wait for 4.1.7)
 	NOTE: https://trac.ffmpeg.org/ticket/8243
@@ -70361,6 +70366,7 @@ CVE-2020-22029 (A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2
 	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=a7fd1279703683ebb548ef7baa2f1519994496ae
 	NOTE: https://trac.ffmpeg.org/ticket/8250
 CVE-2020-22028 (Buffer Overflow vulnerability exists in FFmpeg 4.2 in filter_verticall ...)
+	{DLA-2742-1}
 	- ffmpeg 7:4.3-2
 	[buster] - ffmpeg <postponed> (Wait for 4.1.7)
 	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f069a9c2a65bc20c3462127623127df6dfd06c5b
@@ -70372,11 +70378,13 @@ CVE-2020-22027 (A heap-based Buffer Overflow vulnerability exits in FFmpeg 4.2 i
 	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=e787f8fd7ee99ba0c3e0f086ce2ce59eea7ed86c
 	NOTE: https://trac.ffmpeg.org/ticket/8242
 CVE-2020-22026 (Buffer Overflow vulnerability exists in FFmpeg 4.2 in the config_input ...)
+	{DLA-2742-1}
 	- ffmpeg 7:4.3-2
 	[buster] - ffmpeg <postponed> (Wait for 4.1.7)
 	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=58bb9d3a3a6ede1c6cfb82bf671a5f138e6b2144
 	NOTE: https://trac.ffmpeg.org/ticket/8317
 CVE-2020-22025 (A heap-based Buffer Overflow vulnerability exists in gaussian_blur at  ...)
+	{DLA-2742-1}
 	- ffmpeg 7:4.3-2
 	[buster] - ffmpeg <postponed> (Wait for 4.1.7)
 	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=ccf4ab8c9aca0aee66bcc2914031a9c97ac0eeb8
@@ -70388,21 +70396,25 @@ CVE-2020-22024 (Buffer Overflow vulnerability in FFmpeg 4.2 at the lagfun_frame1
 	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=723d69f99cd26db9687ed2d24d06afaff624daf3
 	NOTE: https://trac.ffmpeg.org/ticket/8310
 CVE-2020-22023 (A heap-based Buffer Overflow vulnerabililty exists in FFmpeg 4.2 in fi ...)
+	{DLA-2742-1}
 	- ffmpeg 7:4.3-2
 	[buster] - ffmpeg <postponed> (Wait for 4.1.7)
 	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=0b567238741854b41f84f7457686b044eadfe29c
 	NOTE: https://trac.ffmpeg.org/ticket/8244
 CVE-2020-22022 (A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 in fil ...)
+	{DLA-2742-1}
 	- ffmpeg 7:4.3-2
 	[buster] - ffmpeg <postponed> (Wait for 4.1.7)
 	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=07050d7bdc32d82e53ee5bb727f5882323d00dba
 	NOTE: https://trac.ffmpeg.org/ticket/8264
 CVE-2020-22021 (Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges function i ...)
+	{DLA-2742-1}
 	- ffmpeg 7:4.3.2-0+deb11u2 (bug #989439)
 	[buster] - ffmpeg <postponed> (Wait for 4.1.7)
 	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=7971f62120a55c141ec437aa3f0bacc1c1a3526b
 	NOTE: https://trac.ffmpeg.org/ticket/8240
 CVE-2020-22020 (Buffer Overflow vulnerability in FFmpeg 4.2 in the build_diff_map func ...)
+	{DLA-2742-1}
 	- ffmpeg 7:4.3-2
 	[buster] - ffmpeg <postponed> (Wait for 4.1.7)
 	NOTE: https://trac.ffmpeg.org/ticket/8239
@@ -70423,11 +70435,13 @@ CVE-2020-22017 (A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2
 	NOTE: https://trac.ffmpeg.org/ticket/8309
 	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d4d6b7b0355f3597cad3b8d12911790c73b5f96d
 CVE-2020-22016 (A heap-based Buffer Overflow vulnerability in FFmpeg 4.2 at libavcodec ...)
+	{DLA-2742-1}
 	- ffmpeg 7:4.2.2-1
 	[buster] - ffmpeg <postponed> (Wait for 4.1.7)
 	NOTE: https://trac.ffmpeg.org/ticket/8183
 	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=58aa0ed8f10753ee90f4a4a1f4f3da803cf7c145
 CVE-2020-22015 (Buffer Overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due ...)
+	{DLA-2742-1}
 	- ffmpeg 7:4.3.2-0+deb11u2 (bug #989439)
 	[buster] - ffmpeg <ignored> (Minor issue)
 	NOTE: https://trac.ffmpeg.org/ticket/8190
@@ -72419,6 +72433,7 @@ CVE-2020-21043
 CVE-2020-21042
 	RESERVED
 CVE-2020-21041 (Buffer Overflow vulnerability exists in FFmpeg 4.1 via apng_do_inverse ...)
+	{DLA-2742-1}
 	[experimental] - ffmpeg 7:4.4-1
 	- ffmpeg 7:4.3.2-0+deb11u2 (bug #989439)
 	[buster] - ffmpeg <postponed> (Wait for 4.1.7)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ee8df1d22780be0c9862fba845d2dfc8bc58258

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ee8df1d22780be0c9862fba845d2dfc8bc58258
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210814/47dfdb9a/attachment.htm>

More information about the debian-security-tracker-commits mailing list