[Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-12973/openjpeg2

Salvatore Bonaccorso carnil at debian.org
Wed Jan 27 15:23:04 GMT 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c1200825 by Salvatore Bonaccorso at 2021-01-27T16:22:38+01:00
Update information on CVE-2019-12973/openjpeg2

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -113819,12 +113819,12 @@ CVE-2019-12974 (A NULL pointer dereference in the function ReadPANGOImage in cod
 	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/b4391bdd60df0a77e97a6ef1674f2ffef0e19e24
 CVE-2019-12973 (In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_c ...)
 	{DLA-2277-1}
-	- openjpeg2 <unfixed> (bug #931292)
+	- openjpeg2 2.4.0-1 (bug #931292)
 	[buster] - openjpeg2 <no-dsa> (Minor issue)
 	[jessie] - openjpeg2 <not-affected> (vulnerable code is not present)
 	NOTE: https://github.com/uclouvain/openjpeg/pull/1185
-	NOTE: https://github.com/uclouvain/openjpeg/commit/21399f6b7d318fcdf4406d5e88723c4922202aa3
-	NOTE: https://github.com/uclouvain/openjpeg/commit/3aef207f90e937d4931daf6d411e092f76d82e66
+	NOTE: https://github.com/uclouvain/openjpeg/commit/21399f6b7d318fcdf4406d5e88723c4922202aa3 (v2.4.0)
+	NOTE: https://github.com/uclouvain/openjpeg/commit/3aef207f90e937d4931daf6d411e092f76d82e66 (v2.4.0)
 	NOTE: Issue is similar to CVE-2018-6616.
 CVE-2019-12972 (An issue was discovered in the Binary File Descriptor (BFD) library (a ...)
 	- binutils 2.32.51.20190707-1 (unimportant)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c1200825c1f00c2b87326c1c2b52b84e1a603024

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c1200825c1f00c2b87326c1c2b52b84e1a603024
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210127/95f5bb43/attachment.html>

More information about the debian-security-tracker-commits mailing list