[Git][security-tracker-team/security-tracker][master] Track fixed version for libstb issues via unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Aug 15 06:19:29 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7805fb01 by Salvatore Bonaccorso at 2023-08-15T07:18:42+02:00
Track fixed version for libstb issues via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -101301,7 +101301,7 @@ CVE-2022-28043
RESERVED
CVE-2022-28042 (stb_image.h v2.27 was discovered to contain an heap-based use-after-fr ...)
{DLA-3305-1}
- - libstb <unfixed> (bug #1014531)
+ - libstb 0.0~git20230129.5736b15+ds-1 (bug #1014531)
[bookworm] - libstb <no-dsa> (Minor issue)
[bullseye] - libstb <no-dsa> (Minor issue)
NOTE: https://github.com/nothings/stb/issues/1289
@@ -101312,7 +101312,7 @@ CVE-2022-28042 (stb_image.h v2.27 was discovered to contain an heap-based use-af
NOTE: https://github.com/nothings/stb/commit/5cfc2a744ad7047cda2396cc67772f313a46093d
CVE-2022-28041 (stb_image.h v2.27 was discovered to contain an integer overflow via th ...)
{DLA-3305-1}
- - libstb <unfixed> (bug #1014531)
+ - libstb 0.0~git20230129.5736b15+ds-1 (bug #1014531)
[bookworm] - libstb <no-dsa> (Minor issue)
[bullseye] - libstb <no-dsa> (Minor issue)
NOTE: https://github.com/nothings/stb/issues/1292
@@ -133255,7 +133255,7 @@ CVE-2021-42717 (ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON
NOTE: Fixed by: https://github.com/SpiderLabs/ModSecurity/commit/41918335fa4c74fba46a986771a5a6cb457070c4 (v2.9.5)
NOTE: Fixed by: https://github.com/SpiderLabs/ModSecurity/commit/ac79c1c29b7e6323e26cc984ad4f76ef62c731cd (v3.0.6)
CVE-2021-42716 (An issue was discovered in stb stb_image.h 2.27. The PNM loader incorr ...)
- - libstb <unfixed> (bug #1014532)
+ - libstb 0.0~git20230129.5736b15+ds-1 (bug #1014532)
[bookworm] - libstb <no-dsa> (Minor issue)
[bullseye] - libstb <not-affected> (Vulnerable code introduced later)
[buster] - libstb <not-affected> (Vulnerable code introduced later)
@@ -133266,7 +133266,7 @@ CVE-2021-42716 (An issue was discovered in stb stb_image.h 2.27. The PNM loader
NOTE: https://github.com/nothings/stb/commit/8befa752b005da174b2429c1ffaafffe452b2997
CVE-2021-42715 (An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR ...)
{DLA-3305-1}
- - libstb <unfixed> (bug #1014532)
+ - libstb 0.0~git20230129.5736b15+ds-1 (bug #1014532)
[bookworm] - libstb <no-dsa> (Minor issue)
[bullseye] - libstb <no-dsa> (Minor issue)
NOTE: https://github.com/nothings/stb/issues/1224
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7805fb01ba91ce818f472be73c4b8c7553c07260
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7805fb01ba91ce818f472be73c4b8c7553c07260
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230815/34e4385b/attachment.htm>
More information about the debian-security-tracker-commits
mailing list