[Git][security-tracker-team/security-tracker][master] libavif already fixed in sid

Thu Jul 1 12:33:23 BST 2021


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9d0ab439 by Moritz Muehlenhoff at 2021-07-01T13:32:54+02:00
libavif already fixed in sid
glibc no-dsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -42,7 +42,7 @@ CVE-2021-36081 (Tesseract OCR 5.0.0-alpha-20201231 has a one_ell_conflict use-af
 CVE-2021-36080 (GNU LibreDWG 0.12.3.4163 through 0.12.3.4191 has a double-free in bit_ ...)
 	- libredwg <itp> (bug #595191)
 CVE-2020-36407 (libavif 0.8.0 and 0.8.1 has an out-of-bounds write in avifDecoderDataF ...)
-	- libavif <unfixed>
+	- libavif 0.8.2-1
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24811
 	NOTE: https://github.com/AOMediaCodec/libavif/commit/0a8e7244d494ae98e9756355dfbfb6697ded2ff9
 	NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/libavif/OSV-2020-1597.yaml
@@ -378,6 +378,8 @@ CVE-2021-35943
 CVE-2021-35942 [Wild read in wordexp (parse_param)]
 	RESERVED
 	- glibc <unfixed>
+	[bullseye] - glibc <no-dsa> (Minor issue)
+	[buster] - glibc <no-dsa> (Minor issue)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=28011
 	NOTE: https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c
 CVE-2021-35941 (Western Digital WD My Book Live (2.x and later) and WD My Book Live Du ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9d0ab4396a35e37c15251e438ec90558bd2e56cd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9d0ab4396a35e37c15251e438ec90558bd2e56cd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210701/79a192fe/attachment.htm>
