[Git][security-tracker-team/security-tracker][master] Further update CVE-2020-27844 status

Salvatore Bonaccorso carnil at debian.org
Tue Mar 16 15:41:15 GMT 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a575ed36 by Salvatore Bonaccorso at 2021-03-16T16:40:08+01:00
Further update CVE-2020-27844 status

As Emilio has found this never affected an upstream tagged version nor a
Debian released version. We can mark every unstable version as well as
not affected.

Thanks: Emilio Pozuelo Monfort

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -30655,11 +30655,9 @@ CVE-2020-27845 (There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions p
 	NOTE: https://github.com/uclouvain/openjpeg/issues/1302
 	NOTE: https://github.com/uclouvain/openjpeg/commit/8f5aff1dff510a964d3901d0fba281abec98ab63 (v2.4.0)
 CVE-2020-27844 (A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior  ...)
-	- openjpeg2 2.4.0-1
-	[buster] - openjpeg2 <not-affected> (Vulnerable code introduced and fixed in 2.4.0)
-	[stretch] - openjpeg2 <not-affected> (Vulnerable code introduced and fixed in 2.4.0)
+	- openjpeg2 <not-affected> (Vulnerable code introduced and fixed in 2.4.0)
 	NOTE: https://github.com/uclouvain/openjpeg/issues/1299
-	NOTE: https://github.com/uclouvain/openjpeg/commit/73fdf28342e4594019af26eb6a347a34eceb6296 (v2.4.0)
+	NOTE: Fixed by: https://github.com/uclouvain/openjpeg/commit/73fdf28342e4594019af26eb6a347a34eceb6296 (v2.4.0)
 	NOTE: Introduced by: https://github.com/uclouvain/openjpeg/commit/4edb8c83374f52cd6a8f2c7c875e8ffacccb5fa5
 CVE-2020-27843 (A flaw was found in OpenJPEG in versions prior to 2.4.0. This flaw all ...)
 	- openjpeg2 2.4.0-1 (bug #983663)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a575ed3666b18379cd9b166829f034d0aa640a58

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a575ed3666b18379cd9b166829f034d0aa640a58
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210316/56d6f8ef/attachment.htm>


More information about the debian-security-tracker-commits mailing list