[Git][security-tracker-team/security-tracker][master] Update status for CVE-2021-44648 in buster
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Jan 22 13:39:17 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6b93cf8c by Salvatore Bonaccorso at 2022-01-22T14:38:18+01:00
Update status for CVE-2021-44648 in buster
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9732,6 +9732,7 @@ CVE-2021-44649 (Django CMS 3.7.3 does not validate the plugin_type parameter whi
- python-django-cms <itp> (bug #516183)
CVE-2021-44648 (GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap-buffer overflow vulner ...)
- gdk-pixbuf <unfixed>
+ [buster] - gdk-pixbuf <not-affected> (Vulnerable code introduced later)
[stretch] - gdk-pixbuf <not-affected> (Vulnerable code introduced later)
NOTE: https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/136
NOTE: https://sahildhar.github.io/blogpost/GdkPixbuf-Heap-Buffer-Overflow-in-lzw_decoder_new/
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6b93cf8c888ce21c1f372603ee27ee952bf41f06
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6b93cf8c888ce21c1f372603ee27ee952bf41f06
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220122/864d3b83/attachment.htm>
More information about the debian-security-tracker-commits
mailing list