[Git][security-tracker-team/security-tracker][master] triage giflib and reserve DLA-3223-1
Helmut Grohne (@helmutg)
helmutg at debian.org
Mon Dec 5 11:59:52 GMT 2022
Helmut Grohne pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6c8041f1 by Helmut Grohne at 2022-12-05T12:58:43+01:00
triage giflib and reserve DLA-3223-1
* CVE-2020-23922: verified that reproducer doesn't work anymore
* CVE-2019-15133: fixed
* CVE-2018-11490: fixed
* CVE-2018-11489: locate patch; never affected us, see bug discussion
* CVE-2016-3977: drop ELTS entries
* CVE-2016-XXXX: flag unimportant, cannot triage in elts tracker
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -166107,6 +166107,7 @@ CVE-2020-23922 (An issue was discovered in giflib through 5.1.4. DumpScreen2RGB
- giflib <unfixed> (unimportant; bug #988151)
NOTE: https://sourceforge.net/p/giflib/bugs/151/
NOTE: Specific to gif2rgb. Crash in CLI tool, no security impact
+ NOTE: Reproducer does not trigger using giflib 5.2.1-2.5 with asan or valgrind.
CVE-2020-23921 (An issue was discovered in fast_ber through v0.4. yy::yylex() in asn_c ...)
NOT-FOR-US: fast_ber
CVE-2020-23920
@@ -238645,9 +238646,6 @@ CVE-2019-15134 (RIOT through 2019.07 contains a memory leak in the TCP implement
CVE-2019-15133 (In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by ...)
[experimental] - giflib 5.1.8-1
- giflib 5.1.9-1
- [buster] - giflib <no-dsa> (Minor issue)
- [stretch] - giflib <no-dsa> (Minor issue)
- [jessie] - giflib <no-dsa> (Minor issue)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13008
NOTE: https://sourceforge.net/p/giflib/code/ci/799eb6a3af8a3dd81e2429bf11a72a57e541f908/
NOTE: https://sourceforge.net/p/giflib/bugs/119/
@@ -305196,22 +305194,16 @@ CVE-2018-11491 (ASUS HG100 devices with firmware before 1.05.12 allow unauthenti
CVE-2018-11490 (The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly vers ...)
[experimental] - giflib 5.1.7-1
- giflib 5.1.9-1 (bug #904114)
- [buster] - giflib <no-dsa> (Minor issue)
- [stretch] - giflib <no-dsa> (Minor issue)
- [jessie] - giflib <no-dsa> (Minor issue)
NOTE: https://github.com/pts/sam2p/issues/38
NOTE: https://sourceforge.net/p/giflib/bugs/113/
NOTE: https://sourceforge.net/p/giflib/code/ci/08438a5098f3bb1de23a29334af55eba663f75bd/
NOTE: Issue was reported against sam2p but issue is in dgif_lib.c from giflib.
CVE-2018-11489 (The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly vers ...)
- - giflib <unfixed> (bug #904113)
- [bullseye] - giflib <no-dsa> (Minor issue)
- [buster] - giflib <no-dsa> (Minor issue)
- [stretch] - giflib <no-dsa> (Minor issue)
- [jessie] - giflib <no-dsa> (Minor issue)
+ - giflib 4.1.6-11 (bug #904113)
NOTE: https://github.com/pts/sam2p/issues/37
NOTE: https://sourceforge.net/p/giflib/bugs/112/
NOTE: Issue was reported against sam2p but issue is in dgif_lib.c from giflib.
+ NOTE: https://github.com/pts/sam2p/files/2252965/sam2p_CVEs.patch.txt
CVE-2018-11488 (A stack exhaustion vulnerability in the search function of dtSearch 7. ...)
NOT-FOR-US: dtSearch
CVE-2018-11487 (PHPMyWind 5.5 has XSS via the cid parameter to newsshow.php, or the qu ...)
@@ -407539,8 +407531,6 @@ CVE-2016-3981 (Heap-based buffer overflow in the bmp_read_rows function in pngxr
NOTE: https://sourceforge.net/p/optipng/bugs/56/
CVE-2016-3977 (Heap-based buffer overflow in util/gif2rgb.c in gif2rgb in giflib 5.1. ...)
- giflib 5.1.4-3 (bug #820526)
- [stretch] - giflib <no-dsa> (Minor issue)
- [jessie] - giflib <no-dsa> (Minor issue)
[wheezy] - giflib <no-dsa> (minor issue)
NOTE: https://sourceforge.net/p/giflib/bugs/87/
NOTE: https://sourceforge.net/p/giflib/code/ci/ea8dbc5786862a3e16a5acfa3d24e2c2f608cd88/
@@ -413557,12 +413547,13 @@ CVE-2015-8786 (The Management plugin in RabbitMQ before 3.6.1 allows remote auth
NOTE: https://github.com/rabbitmq/rabbitmq-management/issues/97
CVE-2016-XXXX [out of bound read and write issues]
- giflib 5.1.4-0.1 (bug #820594)
- [jessie] - giflib <no-dsa> (Minor issue)
+ [jessie] - giflib <no-dsa> (unimportant)
[wheezy] - giflib <no-dsa> (Minor issue)
[squeeze] - giflib <no-dsa> (Minor issue)
NOTE: http://sourceforge.net/p/giflib/bugs/82/
NOTE: CVE Request: https://www.openwall.com/lists/oss-security/2016/01/26/5
NOTE: http://sourceforge.net/p/giflib/code/ci/4cc68b315ff9a378aef6664e1be6b2144ad4a5e6/
+ NOTE: Specific to gif2rgb. Crash in CLI tool, no security impact
CVE-2016-2073 (The htmlParseNameComplex function in HTMLparser.c in libxml2 allows at ...)
{DSA-3593-1 DLA-503-1}
- libxml2 2.9.3+dfsg1-1.1 (bug #812807)
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[05 Dec 2022] DLA-3223-1 giflib - security update
+ {CVE-2018-11490 CVE-2019-15133}
+ [buster] - giflib 5.1.4-3+deb10u1
[05 Dec 2022] DLA-3222-1 node-fetch - security update
{CVE-2022-0235}
[buster] - node-fetch 1.7.3-1+deb10u1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c8041f11405731a7ad73defb3ebb98bdfc27f87
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c8041f11405731a7ad73defb3ebb98bdfc27f87
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221205/53c8c1fb/attachment.htm>
More information about the debian-security-tracker-commits
mailing list