[Git][security-tracker-team/security-tracker][master] CVE-2020-21048/libsixel fixed in bullseye & later

Neil Williams (@codehelp) codehelp at debian.org
Wed Sep 15 10:09:35 BST 2021



Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3359c554 by Neil Williams at 2021-09-15T10:09:15+01:00
CVE-2020-21048/libsixel fixed in bullseye & later

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -78346,7 +78346,12 @@ CVE-2020-21050 (Libsixel prior to v1.8.3 contains a stack buffer overflow in the
 CVE-2020-21049 (An invalid read in the stb_image.h component of libsixel prior to v1.8 ...)
 	TODO: check
 CVE-2020-21048 (An issue in the dither.c component of libsixel prior to v1.8.4 allows  ...)
-	TODO: check
+	- libsixel 1.8.6-1
+	[buster] - libsixel <unfixed>
+	[stretch] - libsixel <unfixed>
+	NOTE: https://github.com/saitoha/libsixel/issues/73
+	NOTE: https://github.com/saitoha/libsixel/commit/cb373ab6614c910407c5e5a93ab935144e62b037
+	NOTE: https://github.com/saitoha/libsixel/commit/26ac06f3623279348f0dce2d191a9b6ca0c80226
 CVE-2020-21047
 	RESERVED
 CVE-2020-21046



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3359c554d08d4db4815449e987008c6bf4b3f144

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3359c554d08d4db4815449e987008c6bf4b3f144
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210915/cf8d9ac1/attachment.htm>


More information about the debian-security-tracker-commits mailing list