[Git][security-tracker-team/security-tracker][master] Add CVE-2020-35511/pngcheck

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Aug 26 08:21:57 BST 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
36823f89 by Salvatore Bonaccorso at 2022-08-26T09:21:27+02:00
Add CVE-2020-35511/pngcheck

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -120970,7 +120970,9 @@ CVE-2020-35512 (A use-after-free flaw was found in D-Bus Development branch <
 	NOTE: https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)
 	NOTE: https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)
 CVE-2020-35511 (A global buffer overflow was discovered in pngcheck function in pngche ...)
-	TODO: check
+	- pngcheck <unfixed>
+	NOTE: http://www.libpng.org/pub/png/apps/pngcheck.html
+	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1202662#c2
 CVE-2020-35510 (A flaw was found in jboss-remoting in versions before 5.0.20.SP1-redha ...)
 	- libjboss-remoting-java <removed>
 CVE-2020-35509 (A flaw was found in keycloak affecting versions 11.0.3 and 12.0.0. An  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36823f897bbc62672e5ce71731d651c833c7ecdb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36823f897bbc62672e5ce71731d651c833c7ecdb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220826/f7df7ee8/attachment.htm>


More information about the debian-security-tracker-commits mailing list