[Git][security-tracker-team/security-tracker][master] 2 commits: two CVEs of jbig2dec fixed in recent upload
Thorsten Alteholz (@alteholz)
alteholz at debian.org
Fri Oct 29 00:02:20 BST 2021
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
43fb0cc1 by Thorsten Alteholz at 2021-10-29T01:01:49+02:00
two CVEs of jbig2dec fixed in recent upload
- - - - -
1224608d by Thorsten Alteholz at 2021-10-29T01:01:50+02:00
Reserve DLA-2796-1 for jbig2dec
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -106202,7 +106202,6 @@ CVE-2020-12269
CVE-2020-12268 (jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 h ...)
- jbig2dec 0.18-1
[buster] - jbig2dec <no-dsa> (Minor issue)
- [stretch] - jbig2dec <no-dsa> (Minor issue)
[jessie] - jbig2dec <no-dsa> (Minor issue)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20332
NOTE: https://github.com/ArtifexSoftware/jbig2dec/commit/0726320a4b55078e9d8deb590e477d598b3da66e
@@ -275170,7 +275169,6 @@ CVE-2017-9217 (systemd-resolved through 233 allows remote attackers to cause a d
NOTE: https://github.com/systemd/systemd/pull/5998
CVE-2017-9216 (libjbig2dec.a in Artifex jbig2dec 0.13, as used in MuPDF and Ghostscri ...)
- jbig2dec 0.13-5 (bug #863279)
- [stretch] - jbig2dec <no-dsa> (Minor issue)
[jessie] - jbig2dec <no-dsa> (Minor issue)
[wheezy] - jbig2dec <no-dsa> (Minor issue, can be fixed in a future update)
NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=697934
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[29 Oct 2021] DLA-2796-1 jbig2dec - security update
+ {CVE-2017-9216 CVE-2020-12268}
+ [stretch] - jbig2dec 0.13-4.1+deb9u1
[29 Oct 2021] DLA-2795-1 gpsd - security update
{CVE-2018-17937}
[stretch] - gpsd 3.16-4+deb9u1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3db6c83bc58c675be66d669e000975a07d2211f5...1224608d9fe80774ebf2560832a490dcae1c2178
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3db6c83bc58c675be66d669e000975a07d2211f5...1224608d9fe80774ebf2560832a490dcae1c2178
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211028/d43ad693/attachment.htm>
More information about the debian-security-tracker-commits
mailing list