[Git][security-tracker-team/security-tracker][master] Track upstream fixes for CVE-2021-44648
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Aug 12 19:59:15 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3a1fb57c by Salvatore Bonaccorso at 2022-08-12T20:58:53+02:00
Track upstream fixes for CVE-2021-44648
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -51260,6 +51260,8 @@ CVE-2021-44648 (GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow
NOTE: https://sahildhar.github.io/blogpost/GdkPixbuf-Heap-Buffer-Overflow-in-lzw_decoder_new/
NOTE: Introduced by: https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/b88f1ce91a610a4e491a4ad6352183791e78afac (2.39.2)
NOTE: https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/merge_requests/130
+ NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/19ebba03117aefc9d0312f675f3a210ffdcc4907 (2.42.9)
+ NOTE: Tests: https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/449441210921c8ed417b0c4d5edbccd2d57e23f8
CVE-2021-44647 (Lua v5.4.3 and above are affected by SEGV by type confusion in funcnam ...)
- lua5.4 5.4.4-1 (bug #1004189)
[bullseye] - lua5.4 <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3a1fb57c33c888bb25672c0fab5e3d99fa0c8642
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3a1fb57c33c888bb25672c0fab5e3d99fa0c8642
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220812/5529e898/attachment.htm>
More information about the debian-security-tracker-commits
mailing list