[Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-6851/openjpeg2

Salvatore Bonaccorso carnil at debian.org
Wed Jan 27 15:38:25 GMT 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6874aed7 by Salvatore Bonaccorso at 2021-01-27T16:37:57+01:00
Update information for CVE-2020-6851/openjpeg2

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -75841,10 +75841,10 @@ CVE-2020-6852 (CACAGOO Cloud Storage Intelligent Camera TV-288ZD-2MP with firmwa
 	NOT-FOR-US: CACAGOO Cloud Storage Intelligent Camera TV-288ZD-2MP
 CVE-2020-6851 (OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl ...)
 	{DLA-2277-1 DLA-2081-1}
-	- openjpeg2 <unfixed> (bug #950000)
+	- openjpeg2 2.4.0-1 (bug #950000)
 	[buster] - openjpeg2 <no-dsa> (Minor issue)
 	NOTE: https://github.com/uclouvain/openjpeg/issues/1228
-	NOTE: https://github.com/uclouvain/openjpeg/commit/024b8407392cb0b82b04b58ed256094ed5799e04
+	NOTE: https://github.com/uclouvain/openjpeg/commit/024b8407392cb0b82b04b58ed256094ed5799e04 (v2.4.0)
 CVE-2020-6850 (Utilities.php in the miniorange-saml-20-single-sign-on plugin before 4 ...)
 	NOT-FOR-US: miniorange-saml-20-single-sign-on plugin for WordPress
 CVE-2020-6849 (The marketo-forms-and-tracking plugin through 1.0.2 for WordPress allo ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6874aed7aac55e9cae4c53d93bc3a0d4ceb4474f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6874aed7aac55e9cae4c53d93bc3a0d4ceb4474f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210127/6a14b03e/attachment.html>


More information about the debian-security-tracker-commits mailing list