[Git][security-tracker-team/security-tracker][master] CVE-2022-41981 reference the merged commit in the repository

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Apr 5 06:52:11 BST 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7dd22273 by Salvatore Bonaccorso at 2023-04-05T07:47:04+02:00
CVE-2022-41981 reference the merged commit in the repository

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -43052,8 +43052,8 @@ CVE-2022-42002 (SonicJS through 0.6.0 allows file overwrite. It has the followin
 CVE-2022-41981 (A stack-based buffer overflow vulnerability exists in the TGA file for ...)
 	- openimageio 2.4.7.1+dfsg-2 (bug #1027143)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1628
-	NOTE: https://github.com/OpenImageIO/oiio/commit/bc9c931092e973d5250dd22a714cf035827dae6d
-	NOTE: https://github.com/OpenImageIO/oiio/pull/3622/commits/c412312f978fbbf987f190d0d2a9f6980b7f267f
+	NOTE: Prerequisite: https://github.com/OpenImageIO/oiio/commit/bc9c931092e973d5250dd22a714cf035827dae6d
+	NOTE: https://github.com/OpenImageIO/oiio/commit/19121dc4f0cca1e0ff53d616043d482f23169249
 CVE-2022-41977 (An out of bounds read vulnerability exists in the way OpenImageIO vers ...)
 	- openimageio 2.3.21.0+dfsg-1 (bug #1027143)
 	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2022-1627



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7dd22273ec1287e978592f506a5e21b76ff0427e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7dd22273ec1287e978592f506a5e21b76ff0427e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230405/a109b8c2/attachment.htm>


More information about the debian-security-tracker-commits mailing list