[Git][security-tracker-team/security-tracker][master] Add CVE-2020-3553{0,1,2,3,4,5}/libraw

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f8af919e by Salvatore Bonaccorso at 2022-09-01T23:11:37+02:00
Add CVE-2020-3553{0,1,2,3,4,5}/libraw

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -122146,17 +122146,29 @@ CVE-2020-35537 (In gcc, a crafted input source file could cause g++ to crash dur
 CVE-2020-35536 (In gcc, an internal compiler error in match_reload function at lra-con ...)
 	TODO: check
 CVE-2020-35535 (In LibRaw, there is an out-of-bounds read vulnerability within the "Li ...)
-	TODO: check
+	- libraw 0.20.0-4
+	NOTE: https://github.com/LibRaw/LibRaw/issues/283
+	NOTE: https://github.com/LibRaw/LibRaw/commit/c243f4539233053466c1309bde606815351bee81 (0.20-RC2)
 CVE-2020-35534 (In LibRaw, there is a memory corruption vulnerability within the "crxF ...)
-	TODO: check
+	- libraw 0.20.0-4
+	NOTE: https://github.com/LibRaw/LibRaw/commit/e41f331e90b383e3208cefb74e006df44bf3a4b8 (0.20-RC2)
+	NOTE: https://github.com/LibRaw/LibRaw/issues/279
 CVE-2020-35533 (In LibRaw, an out-of-bounds read vulnerability exists within the "LibR ...)
-	TODO: check
+	- libraw 0.20.0-4
+	NOTE: https://github.com/LibRaw/LibRaw/commit/a6937d4046a7c4742b683a04c8564605fd9be4fb (0.20-RC2)
+	NOTE: https://github.com/LibRaw/LibRaw/issues/273
 CVE-2020-35532 (In LibRaw, an out-of-bounds read vulnerability exists within the "simp ...)
-	TODO: check
+	- libraw 0.20.0-4
+	NOTE: https://github.com/LibRaw/LibRaw/commit/5ab45b085898e379fedc6b113e2e82a890602b1e (0.20-RC2)
+	NOTE: https://github.com/LibRaw/LibRaw/issues/271
 CVE-2020-35531 (In LibRaw, an out-of-bounds read vulnerability exists within the get_h ...)
-	TODO: check
+	- libraw 0.20.0-4
+	NOTE: https://github.com/LibRaw/LibRaw/commit/d75af00681a74dcc8b929207eb895611a6eceb68 (0.20-RC2)
+	NOTE: https://github.com/LibRaw/LibRaw/issues/270
 CVE-2020-35530 (In LibRaw, there is an out-of-bounds write vulnerability within the "n ...)
-	TODO: check
+	- libraw 0.20.0-4
+	NOTE: https://github.com/LibRaw/LibRaw/commit/11c4db253ef2c9bb44247b578f5caa57c66a1eeb (0.20-RC2)
+	NOTE: https://github.com/LibRaw/LibRaw/issues/272
 CVE-2020-35529
 	REJECTED
 CVE-2020-35528



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f8af919ee4fc594078c16ce3fd0869ab541b736b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f8af919ee4fc594078c16ce3fd0869ab541b736b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220901/2e359c08/attachment.htm>