[Git][security-tracker-team/security-tracker][master] Reserve DLA-2902-1 for graphicsmagick
Thorsten Alteholz (@alteholz)
alteholz at debian.org
Thu Jan 27 22:40:48 GMT 2022
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f80c98e4 by Thorsten Alteholz at 2022-01-27T23:40:31+01:00
Reserve DLA-2902-1 for graphicsmagick
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -123902,7 +123902,6 @@ CVE-2020-12672 (GraphicsMagick through 1.3.35 has a heap-based buffer overflow i
{DLA-2236-1}
- graphicsmagick 1.4+really1.3.35-2 (bug #960000)
[buster] - graphicsmagick <postponed> (Minor issue; can be fixed along in future DSA)
- [stretch] - graphicsmagick <postponed> (Minor issue; can be fixed along in future DSA)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19025
NOTE: Fixed by: https://sourceforge.net/p/graphicsmagick/code/ci/50395430a37188d0d197e71bd85ed6dd0f649ee3/
CVE-2020-12671
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[27 Jan 2022] DLA-2902-1 graphicsmagick - security update
+ {CVE-2020-12672}
+ [stretch] - graphicsmagick 1.3.30+hg15796-1~deb9u5
[26 Jan 2022] DLA-2883-2 uriparser - regression update
{CVE-2021-46141}
[stretch] - uriparser 0.8.4-1+deb9u4
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f80c98e4199c8f7372c3ca5f37e3b6e0d7ef7ef7
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f80c98e4199c8f7372c3ca5f37e3b6e0d7ef7ef7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220127/cb4b5bc8/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list