[Git][security-tracker-team/security-tracker][master] Add CVE-2021-20240/gdk-pixbuf
Salvatore Bonaccorso
carnil at debian.org
Tue Feb 16 08:06:24 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d605c27b by Salvatore Bonaccorso at 2021-02-16T09:05:55+01:00
Add CVE-2021-20240/gdk-pixbuf
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -16756,8 +16756,13 @@ CVE-2021-20242
RESERVED
CVE-2021-20241
RESERVED
-CVE-2021-20240
+CVE-2021-20240 [integer underflow in the GIF loader of gdk-pixbuf via crafted input leads to segmentation fault]
RESERVED
+ - gdk-pixbuf 2.42.2+dfsg-1
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1926787
+ NOTE: https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/132
+ NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/086e8adf4cc352cd11572f96066b001b545f354e (2.42.0)
+ TODO: check introducing commit possibly in 2.39.2 only
CVE-2021-20239 [Untrusted Pointer Dereference in setsockopt system call]
RESERVED
- linux 5.10.4-1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d605c27bcd8e2d85d6fad566a7bc690a828229a7
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d605c27bcd8e2d85d6fad566a7bc690a828229a7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210216/34b9f227/attachment.html>
More information about the debian-security-tracker-commits
mailing list