[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Aug 20 09:10:32 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
515e7cb7 by security tracker role at 2021-08-20T08:10:23+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -41559,7 +41559,7 @@ CVE-2021-21857 (Multiple exploitable integer overflow vulnerabilities exist with
NOTE: https://github.com/gpac/gpac/commit/bbd741e0e5a6e7e1e90a73c350acc061dde9450b
NOTE: https://github.com/gpac/gpac/issues/1814
CVE-2021-21856 (Multiple exploitable integer overflow vulnerabilities exist within the ...)
- - gpac <not-affected> (Vulnerable code not present)
+ - gpac <not-affected> (Vulnerable code not present)
NOTE: Introduced in https://github.com/gpac/gpac/commit/35c4644cb5
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1299
NOTE: https://github.com/gpac/gpac/commit/bbd741e0e5a6e7e1e90a73c350acc061dde9450b
@@ -78310,14 +78310,14 @@ CVE-2020-18902
RESERVED
CVE-2020-18901
RESERVED
-CVE-2020-18900
- RESERVED
-CVE-2020-18899
- RESERVED
-CVE-2020-18898
- RESERVED
-CVE-2020-18897
- RESERVED
+CVE-2020-18900 (A heap-based buffer overflow in the libexe_io_handle_read_coff_optiona ...)
+ TODO: check
+CVE-2020-18899 (An uncontrolled memory allocation in DataBufdata(subBox.length-sizeof( ...)
+ TODO: check
+CVE-2020-18898 (A stack exhaustion issue in the printIFDStructure function of Exiv2 0. ...)
+ TODO: check
+CVE-2020-18897 (An use-after-free vulnerability in the libpff_item_tree_create_node fu ...)
+ TODO: check
CVE-2020-18896
RESERVED
CVE-2020-18895
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/515e7cb7c425ed0696571fffad50cb1b8b1cfdc7
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/515e7cb7c425ed0696571fffad50cb1b8b1cfdc7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210820/29d32a0e/attachment.htm>
More information about the debian-security-tracker-commits
mailing list