[Git][security-tracker-team/security-tracker][master] Track fixed version for unstable for CVE-2020-35511

Tue Dec 6 12:36:16 GMT 2022


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9739e207 by Salvatore Bonaccorso at 2022-12-06T13:33:57+01:00
Track fixed version for unstable for CVE-2020-35511

In 3.0.0 upstream two buffer overflow flaws were fixed. The 3.0.0
release was first included in unstable through the 3.0.2-2 upload.

Older versions if they get an update will likely just be re-builds of
the upper version according to https://bugs.debian.org/1021278#26

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -146104,7 +146104,7 @@ CVE-2020-35512 (A use-after-free flaw was found in D-Bus Development branch <
 	NOTE: https://gitlab.freedesktop.org/dbus/dbus/-/commit/f3b2574f0c9faa32a59efec905921f7ef4438a60 (dbus-1.12.20)
 	NOTE: https://gitlab.freedesktop.org/dbus/dbus/-/commit/dc94fe3d31adf72259adc31f343537151a6c0bdd (dbus-1.10.32)
 CVE-2020-35511 (A global buffer overflow was discovered in pngcheck function in pngche ...)
-	- pngcheck <unfixed> (bug #1021278)
+	- pngcheck 3.0.2-2 (bug #1021278)
 	NOTE: http://www.libpng.org/pub/png/apps/pngcheck.html
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1202662#c2
 CVE-2020-35510 (A flaw was found in jboss-remoting in versions before 5.0.20.SP1-redha ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9739e207adc0e6e333906a6ebb8f124a1f43d142

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9739e207adc0e6e333906a6ebb8f124a1f43d142
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221206/7fbeea12/attachment.htm>
