[Git][security-tracker-team/security-tracker][master] lrzip, nasm non issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Jul 27 20:28:28 BST 2022 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c223daed by Moritz Muehlenhoff at 2022-07-27T21:28:01+02:00
lrzip, nasm non issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -79836,13 +79836,21 @@ CVE-2021-33454 (An issue was discovered in yasm version 1.3.0. There is a NULL p
 	NOTE: https://github.com/yasm/yasm/issues/166
 	NOTE: Crash in CLI tool, no security impact
 CVE-2021-33453 (An issue was discovered in lrzip version 0.641. There is a use-after-f ...)
-	TODO: check
+	- lrzip <unfixed> (unimportant)
+	NOTE: https://github.com/ckolivas/lrzip/issues/199
+	NOTE: Crash in CLI tool, no security impact
 CVE-2021-33452 (An issue was discovered in NASM version 2.16rc0. There are memory leak ...)
-	TODO: check
+	- nasm <unfixed> (unimportant)
+	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392757
+	NOTE: Memleak in CLI tool, no security impact
 CVE-2021-33451 (An issue was discovered in lrzip version 0.641. There are memory leaks ...)
-	TODO: check
+	- lrzip <unfixed> (unimportant)
+	NOTE: https://github.com/ckolivas/lrzip/issues/198
+	NOTE: Memleak in CLI tool, no security impact
 CVE-2021-33450 (An issue was discovered in NASM version 2.16rc0. There are memory leak ...)
-	TODO: check
+	- nasm <unfixed> (unimportant)
+	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392758
+	NOTE: Memleak in CLI tool, no security impact
 CVE-2021-33449 (An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES ...)
 	NOT-FOR-US: mjs
 CVE-2021-33448 (An issue was discovered in mjs(mJS: Restricted JavaScript engine), ES6 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c223daed11f91e314a23fa5b6d820cd2d0c695ed

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c223daed11f91e314a23fa5b6d820cd2d0c695ed
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220727/046d3501/attachment.htm>

More information about the debian-security-tracker-commits mailing list