[Git][security-tracker-team/security-tracker][master] Track fixed version for two tinyexr issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Sep 9 05:41:30 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3b4bb8cb by Salvatore Bonaccorso at 2022-09-09T06:41:01+02:00
Track fixed version for two tinyexr issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4138,7 +4138,7 @@ CVE-2022-38530 (GPAC v2.1-DEV-rev232-gfcaa01ebb-master was discovered to contain
NOTE: https://github.com/gpac/gpac/issues/2216
NOTE: https://github.com/gpac/gpac/commit/4e56ad72ac1afb4e049a10f2d99e7512d7141f9d
CVE-2022-38529 (tinyexr commit 0647fb3 was discovered to contain a heap-buffer overflo ...)
- - tinyexr <unfixed>
+ - tinyexr 1.0.1+dfsg-4
NOTE: https://github.com/syoyo/tinyexr/issues/169
NOTE: https://github.com/syoyo/tinyexr/commit/82984a37d1dba67000a35b083b26df5e57a2bb72
CVE-2022-38528 (Open Asset Import Library (assimp) commit 3c253ca was discovered to co ...)
@@ -15389,7 +15389,7 @@ CVE-2022-34301 (A flaw was found in CryptoPro Secure Disk bootloaders before 202
NOTE: This transitively affects Secure Boot as used in Debian, but tracking DBX updates
NOTE: is out of scope for the Debian Security Tracker
CVE-2022-34300 (In tinyexr 1.0.1, there is a heap-based buffer over-read in tinyexr::D ...)
- - tinyexr <unfixed> (bug #1014980)
+ - tinyexr 1.0.1+dfsg-4 (bug #1014980)
[bullseye] - tinyexr <no-dsa> (Minor issue)
NOTE: https://github.com/syoyo/tinyexr/issues/167
CVE-2022-34299 (There is a heap-based buffer over-read in libdwarf 0.4.0. This issue i ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b4bb8cbf09b225276e542d0ba34fc28f8a138e8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3b4bb8cbf09b225276e542d0ba34fc28f8a138e8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220909/da93f504/attachment.htm>
More information about the debian-security-tracker-commits
mailing list