[Git][security-tracker-team/security-tracker][master] Add CVE-2023-24472/openimageio
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Apr 9 20:31:22 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
428d3e62 by Salvatore Bonaccorso at 2023-04-09T21:30:49+02:00
Add CVE-2023-24472/openimageio
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -16764,7 +16764,11 @@ CVE-2023-24473 (An information disclosure vulnerability exists in the TGAInput::
NOTE: https://github.com/OpenImageIO/oiio/commit/209bb4c327b2a8be08f41c1a213dfe9001f0b5d0 (v2.4.8.1)
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1707
CVE-2023-24472 (A denial of service vulnerability exists in the FitsOutput::close() fu ...)
- TODO: check
+ [experimental] - openimageio 2.4.9.0+dfsg-1
+ - openimageio <unfixed>
+ NOTE: https://github.com/OpenImageIO/oiio/commit/f8db9f38d18a66889f444031051e0f0acaa611b6 (master)
+ NOTE: https://github.com/OpenImageIO/oiio/commit/a39692256b060b543f53646c6a807c81b79c5750 (v2.4.8.1)
+ NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1709
CVE-2023-22845 (An out-of-bounds read vulnerability exists in the TGAInput::decode_pix ...)
[experimental] - openimageio 2.4.9.0+dfsg-1
- openimageio <unfixed>
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/428d3e62a2d790c8dfd41e17cca4aaabfd895238
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/428d3e62a2d790c8dfd41e17cca4aaabfd895238
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230409/d429235d/attachment.htm>
More information about the debian-security-tracker-commits
mailing list