[Git][security-tracker-team/security-tracker][master] Add CVE-2022-054{4,5,6}/blender

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Feb 23 07:11:25 GMT 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9983c7c7 by Salvatore Bonaccorso at 2022-02-23T08:10:55+01:00
Add CVE-2022-054{4,5,6}/blender

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2799,12 +2799,23 @@ CVE-2022-24669
 	RESERVED
 CVE-2022-0547
 	RESERVED
-CVE-2022-0546
-	RESERVED
-CVE-2022-0545
-	RESERVED
-CVE-2022-0544
-	RESERVED
+CVE-2022-0546 [Out-of-bounds memory access due to malformed HDR image file]
+	RESERVED
+	- blender <unfixed>
+	NOTE: Issue: https://developer.blender.org/T94572
+	NOTE: Patch: https://developer.blender.org/D11952
+CVE-2022-0545 [Out-of-bounds memory access in IMB_flipy() due to large image dimensions]
+	RESERVED
+	- blender <unfixed>
+	NOTE: Issue: https://developer.blender.org/T94629
+	NOTE: Patch: https://developer.blender.org/D13744
+CVE-2022-0544 [Out-of-bounds memory access due to malformed DDS image file]
+	RESERVED
+	- blender <unfixed>
+	NOTE: Issue: https://developer.blender.org/T94661
+	NOTE: https://developer.blender.org/rB0ac83d05d7cccec436bb939e0aa768f6a3d77d72
+	NOTE: https://developer.blender.org/rBbbad834f1c2a1f7030ed9741c486b23241e8885e
+	NOTE: https://developer.blender.org/rBd9dd8c287f57716a827483973c31bbb2face2816
 CVE-2022-0543 (It was discovered, that redis, a persistent key-value database, due to ...)
 	{DSA-5081-1}
 	- redis <unfixed> (bug #1005787)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9983c7c77ab5f3632dc4ab3cceb1617d4ffa4f50

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9983c7c77ab5f3632dc4ab3cceb1617d4ffa4f50
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220223/6e3c7cd4/attachment.htm>

More information about the debian-security-tracker-commits mailing list