[Git][security-tracker-team/security-tracker][master] libwebp fixed in sid

Moritz Muehlenhoff (@jmm) jmm at debian.org
Sun Jun 6 17:00:55 BST 2021 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9bfa30d5 by Moritz Mühlenhoff at 2021-06-06T18:00:22+02:00
libwebp fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4256,7 +4256,7 @@ CVE-2021-32027 (A flaw was found in postgresql in versions before 13.3, before 1
 	NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=467395bfdf33f1ccf67ca388ffdcc927271544cb (REL_13_3)
 CVE-2018-25014 (A flaw was found in libwebp in versions before 1.0.1. An unitialized v ...)
 	{DLA-2677-1}
-	- libwebp <unfixed>
+	- libwebp 0.6.1-2.1
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9496
 CVE-2021-3534
 	RESERVED
@@ -4655,28 +4655,28 @@ CVE-2021-31870 (An issue was discovered in klibc before 2.0.9. Multiplication in
 	NOTE: https://git.kernel.org/pub/scm/libs/klibc/klibc.git/commit/?id=292650f04c2b5348b4efbad61fb014ed09b4f3f2
 	NOTE: https://www.openwall.com/lists/oss-security/2021/04/30/1
 CVE-2020-36332 (A flaw was found in libwebp in versions before 1.0.1. When reading a f ...)
-	- libwebp <unfixed>
+	- libwebp 0.6.1-2.1
 	[stretch] - libwebp <ignored> (Patch is too destructive to implement it in oldstable. Minor issue)
 	NOTE: https://bugs.chromium.org/p/webp/issues/detail?id=391
 	NOTE: https://chromium.googlesource.com/webm/libwebp/+/39cb9aad85ca7bb1d193013460db1f8cc6bff109
 CVE-2020-36331 (A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds ...)
 	{DLA-2677-1}
-	- libwebp <unfixed>
+	- libwebp 0.6.1-2.1
 	NOTE: https://bugs.chromium.org/p/webp/issues/detail?id=388
 	NOTE: https://chromium.googlesource.com/webm/libwebp/+/be738c6d396fa5a272c1b209be4379a7532debfe
 CVE-2020-36330 (A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds ...)
 	{DLA-2677-1}
-	- libwebp <unfixed>
+	- libwebp 0.6.1-2.1
 	NOTE: https://bugs.chromium.org/p/webp/issues/detail?id=386
 	NOTE: https://chromium.googlesource.com/webm/libwebp/+/2c70ad76c94db5427d37ab4b85dc89b94dd75e01
 CVE-2020-36329 (A flaw was found in libwebp in versions before 1.0.1. A use-after-free ...)
 	{DLA-2677-1}
-	- libwebp <unfixed>
+	- libwebp 0.6.1-2.1
 	NOTE: https://bugs.chromium.org/p/webp/issues/detail?id=385
 	NOTE: https://chromium.googlesource.com/webm/libwebp/+/569001f19fc81fcb5ab358f587a54c62e7c4665c
 CVE-2020-36328 (A flaw was found in libwebp in versions before 1.0.1. A heap-based buf ...)
 	{DLA-2677-1}
-	- libwebp <unfixed>
+	- libwebp 0.6.1-2.1
 	NOTE: https://bugs.chromium.org/p/webp/issues/detail?id=383
 	NOTE: https://chromium.googlesource.com/webm/libwebp/+/71ed73cf86132394ea25ae9c7ed431e0d71043f5
 CVE-2020-36327 (Bundler 1.16.0 through 2.2.9 and 2.2.11 through 2.2.16 sometimes choos ...)
@@ -7449,26 +7449,26 @@ CVE-2020-36322 (An issue was discovered in the FUSE filesystem implementation in
 	NOTE: https://git.kernel.org/linus/5d069dbe8aaf2a197142558b6fb2978189ba3454
 CVE-2018-25013 (A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds ...)
 	{DLA-2677-1}
-	- libwebp <unfixed>
+	- libwebp 0.6.1-2.1
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9417
 	NOTE: https://chromium.googlesource.com/webm/libwebp/+/907208f97ead639bd521cf355a2f203f462eade6
 CVE-2018-25012 (A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds ...)
 	{DLA-2677-1}
-	- libwebp <unfixed>
+	- libwebp 0.6.1-2.1
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9123
 	NOTE: https://chromium.googlesource.com/webm/libwebp/+/95fd65070662e01cc9170c4444f5c0859a710097%5E%21/
 CVE-2018-25011 (A flaw was found in libwebp in versions before 1.0.1. A heap-based buf ...)
 	{DLA-2677-1}
-	- libwebp <unfixed>
+	- libwebp 0.6.1-2.1
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9119
 CVE-2018-25010 (A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds ...)
 	{DLA-2677-1}
-	- libwebp <unfixed>
+	- libwebp 0.6.1-2.1
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9105
 	NOTE: https://chromium.googlesource.com/webm/libwebp/+/1344a2e947c749d231141a295327e5b99b444d63%5E%21/#F0
 CVE-2018-25009 (A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds ...)
 	{DLA-2677-1}
-	- libwebp <unfixed>
+	- libwebp 0.6.1-2.1
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9100
 	NOTE: https://chromium.googlesource.com/webm/libwebp/+/95fd65070662e01cc9170c4444f5c0859a710097%5E%21/
 CVE-2018-25008 (In the standard library in Rust before 1.29.0, there is weak synchroni ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9bfa30d5c562c7136a9ce62a8c6babf0870cd189

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9bfa30d5c562c7136a9ce62a8c6babf0870cd189
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210606/af128f92/attachment.htm>

More information about the debian-security-tracker-commits mailing list