[Git][security-tracker-team/security-tracker][master] Update information on CVE-2021-20240/gdk-pixbuf
Salvatore Bonaccorso
carnil at debian.org
Tue Feb 16 12:00:14 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
955e19f1 by Salvatore Bonaccorso at 2021-02-16T12:59:43+01:00
Update information on CVE-2021-20240/gdk-pixbuf
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -16803,11 +16803,12 @@ CVE-2021-20241
CVE-2021-20240 [integer underflow in the GIF loader of gdk-pixbuf via crafted input leads to segmentation fault]
RESERVED
- gdk-pixbuf 2.42.2+dfsg-1
+ [buster] - gdk-pixbuf <not-affected> (Vulnerable code introduced later)
[stretch] - gdk-pixbuf <not-affected> (Vulnerable code added later)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1926787
NOTE: https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/132
+ NOTE: Vulnerable code introduced in https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/4e7b5345d2fc8f0d1dee93d8ba9ab805bc95d42f (2.39.2)
NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/086e8adf4cc352cd11572f96066b001b545f354e (2.42.0)
- TODO: check introducing commit possibly in 2.39.2 only
CVE-2021-20239 [Untrusted Pointer Dereference in setsockopt system call]
RESERVED
- linux 5.10.4-1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/955e19f170fbd7ac4b9f554d34cd2216caa1ed81
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/955e19f170fbd7ac4b9f554d34cd2216caa1ed81
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210216/0d258a3b/attachment.html>
More information about the debian-security-tracker-commits
mailing list