[Git][security-tracker-team/security-tracker][master] new libmatio, mbedtls issues (concludes external check)

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Jul 26 14:47:00 BST 2021 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b93faf35 by Moritz Muehlenhoff at 2021-07-26T15:46:02+02:00
new libmatio, mbedtls issues (concludes external check)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -31937,7 +31937,9 @@ CVE-2021-24121
 CVE-2021-24120
 	RESERVED
 CVE-2021-24119 (In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in b ...)
-	TODO: check
+	- mbedtls <unfixed>
+	[bullseye] - mbedtls <no-dsa> (Minor issue)
+	[buster] - mbedtls <no-dsa> (Minor issue)
 CVE-2021-24118
 	RESERVED
 CVE-2021-24117 (In Rust SGX 1.1.3, a side-channel vulnerability in base64 PEM file dec ...)
@@ -72329,7 +72331,10 @@ CVE-2020-19498 (Floating point exception in function Fraction in libheif 1.4.0,
 	NOTE: https://github.com/strukturag/libheif/issues/139
 	NOTE: https://github.com/strukturag/libheif/commit/2710c930918609caaf0a664e9c7bc3dce05d5b58
 CVE-2020-19497 (Integer overflow vulnerability in Mat_VarReadNextInfo5 in mat5.c in tb ...)
-	TODO: check
+	- libmatio 1.5.19-2
+	[buster] - libmatio <no-dsa> (Minor issue)
+	NOTE: https://github.com/tbeu/matio/commit/5fa49ef9fc4368fe3d19b5fdaa36d8fa5e7f4606 (v1.5.18)
+	NOTE: https://github.com/tbeu/matio/issues/121
 CVE-2020-19496
 	RESERVED
 CVE-2020-19495



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b93faf35c61d4c51d50e99026084fa5f91b41cdc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b93faf35c61d4c51d50e99026084fa5f91b41cdc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210726/9e07f413/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list