[Git][security-tracker-team/security-tracker][master] LTS: add gerbv

Anton Gladky (@gladk) gladk at debian.org
Sun Nov 7 10:46:55 GMT 2021 


Anton Gladky pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b8024c66 by Anton Gladky at 2021-11-07T11:46:40+01:00
LTS: add gerbv

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -9187,6 +9187,8 @@ CVE-2021-40391 [Gerbv drill format T-code tool number out-of-bounds write vulner
 	[bullseye] - gerbv <no-dsa> (Minor issue)
 	[buster] - gerbv <no-dsa> (Minor issue)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2021-1402
+	NOTE: https://github.com/gerbv/gerbv/commit/9f83950b772b37b49ee188300e444546e6aab17e
+	NOTE: https://github.com/gerbv/gerbv/issues/30
 CVE-2021-40390
 	RESERVED
 CVE-2021-40389


=====================================
data/dla-needed.txt
=====================================
@@ -47,6 +47,11 @@ firmware-nonfree
   NOTE: 20210731: WIP: https://salsa.debian.org/lts-team/packages/firmware-nonfree
   NOTE: 20210828: Most CVEs are difficult to backport. Contacted Ben regarding possible "ignore" tag
 --
+gerbv
+  NOTE: 20210711: The fix has only one-line! But... be sure that the fix will help. (Anton)
+  NOTE: 20210711: Please take the package if you can reproduce the issue with valgrind/AddressSanitizer/Leaksanitizer (Anton)
+  NOTE: 20210711: The simple fix will unlikely help. (Anton)
+--
 gpac (Roberto C. Sánchez)
   NOTE: 20211101: coordinating with secteam for s-p-u since stretch/buster versions match (roberto)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b8024c66e37652cf8316f9b3417dd91ec368ad45

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b8024c66e37652cf8316f9b3417dd91ec368ad45
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211107/0681181f/attachment.htm>

More information about the debian-security-tracker-commits mailing list