[Git][security-tracker-team/security-tracker][master] new libde265 issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Nov 3 10:21:22 GMT 2022



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
27ae159c by Moritz Muehlenhoff at 2022-11-03T11:20:57+01:00
new libde265 issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5368,43 +5368,59 @@ CVE-2022-43254 (GPAC v2.1-DEV-rev368-gfd054169b-master was discovered to contain
 	NOTE: https://github.com/gpac/gpac/commit/4520e38aa030f059264c69b426bd8133206fbfe6
 	NOTE: Negligible security impact
 CVE-2022-43253 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ...)
-	TODO: check
+	- libde265 <unfixed>
+	NOTE: https://github.com/strukturag/libde265/issues/348
 CVE-2022-43252 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ...)
-	TODO: check
+	- libde265 <unfixed>
+	NOTE: https://github.com/strukturag/libde265/issues/347
 CVE-2022-43251
 	RESERVED
 CVE-2022-43250 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ...)
-	TODO: check
+	- libde265 <unfixed>
+	NOTE: https://github.com/strukturag/libde265/issues/346
 CVE-2022-43249 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ...)
-	TODO: check
+	- libde265 <unfixed>
+	NOTE: https://github.com/strukturag/libde265/issues/345
 CVE-2022-43248 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ...)
-	TODO: check
+	- libde265 <unfixed>
+	NOTE: https://github.com/strukturag/libde265/issues/349
 CVE-2022-43247
 	RESERVED
 CVE-2022-43246
 	RESERVED
 CVE-2022-43245 (Libde265 v1.0.8 was discovered to contain a segmentation violation via ...)
-	TODO: check
+	- libde265 <unfixed>
+	NOTE: https://github.com/strukturag/libde265/issues/352
 CVE-2022-43244 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ...)
-	TODO: check
+	- libde265 <unfixed>
+	NOTE: https://github.com/strukturag/libde265/issues/342
 CVE-2022-43243 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ...)
-	TODO: check
+	- libde265 <unfixed>
+	NOTE: https://github.com/strukturag/libde265/issues/339
 CVE-2022-43242 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ...)
-	TODO: check
+	- libde265 <unfixed>
+	NOTE: https://github.com/strukturag/libde265/issues/340
 CVE-2022-43241 (Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc ...)
-	TODO: check
+	- libde265 <unfixed>
+	NOTE: https://github.com/strukturag/libde265/issues/338
 CVE-2022-43240 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ...)
-	TODO: check
+	- libde265 <unfixed>
+	NOTE: https://github.com/strukturag/libde265/issues/335
 CVE-2022-43239 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ...)
-	TODO: check
+	- libde265 <unfixed>
+	NOTE: https://github.com/strukturag/libde265/issues/341
 CVE-2022-43238 (Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc ...)
-	TODO: check
+	- libde265 <unfixed>
+	NOTE: https://github.com/strukturag/libde265/issues/338
 CVE-2022-43237 (Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vuln ...)
-	TODO: check
+	- libde265 <unfixed>
+	NOTE: https://github.com/strukturag/libde265/issues/344
 CVE-2022-43236 (Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vuln ...)
-	TODO: check
+	- libde265 <unfixed>
+	NOTE: https://github.com/strukturag/libde265/issues/343
 CVE-2022-43235 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ...)
-	TODO: check
+	- libde265 <unfixed>
+	NOTE: https://github.com/strukturag/libde265/issues/337
 CVE-2022-43234
 	RESERVED
 CVE-2022-43233 (Canteen Management System v1.0 was discovered to contain a SQL injecti ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27ae159cc7267acf565d5ba05f272c396332fcc3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/27ae159cc7267acf565d5ba05f272c396332fcc3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221103/dc64e3e3/attachment.htm>


More information about the debian-security-tracker-commits mailing list