[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2021-33481/gocr

Fri May 21 05:41:24 BST 2021


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d0c7b265 by Salvatore Bonaccorso at 2021-05-21T06:39:54+02:00
Add CVE-2021-33481/gocr

- - - - -
44030de6 by Salvatore Bonaccorso at 2021-05-21T06:40:57+02:00
Add CVE-2021-33480/gocr

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -600,6 +600,13 @@ CVE-2020-36365 (Smartstore (aka SmartStoreNET) before 4.1.0 allows CommonControl
 	NOT-FOR-US: Smartstore (aka SmartStoreNET)
 CVE-2020-36364 (An issue was discovered in Smartstore (aka SmartStoreNET) before 4.1.0 ...)
 	NOT-FOR-US: Smartstore (aka SmartStoreNET)
+CVE-2021-33481 [stack-based buffer overflow in try_to_divide_boxes() in pgm2asc.c]
+	- gocr <unfixed>
+	NOTE: https://sourceforge.net/p/jocr/bugs/42/
+CVE-2021-33480 [use-after-free in context_correction() in pgm2asc.c]
+	- gocr <unfixed>
+	NOTE: https://sourceforge.net/p/jocr/bugs/40/
+	NOTE: https://sourceforge.net/p/jocr/bugs/41/
 CVE-2021-33477 [(remote) code execution via ESC G Q]
 	- rxvt <removed>
 	- rxvt-unicode <unfixed> (bug #988763)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/5a1f442e8958855dfa4b5ca4d9cf79c0a5529aba...44030de6e006c393885fcbafe842020e85a93992

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/5a1f442e8958855dfa4b5ca4d9cf79c0a5529aba...44030de6e006c393885fcbafe842020e85a93992
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210521/7b5adb7e/attachment-0001.htm>
