[Git][security-tracker-team/security-tracker][master] Add three nasm issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Aug 25 21:07:31 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ddf2ab52 by Salvatore Bonaccorso at 2023-08-25T22:07:04+02:00
Add three nasm issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -220672,11 +220672,15 @@ CVE-2020-21688 (A heap-use-after-free in the av_freep function in libavutil/mem.
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f7c9b1ed56b98eede5756d6865a10305982b4570 (4.1.9)
NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f1a77222da98dbe4b8eeda54d68deefe6adcd299 (3.2.17)
CVE-2020-21687 (Buffer Overflow vulnerability in scan function in stdscan.c in nasm 2. ...)
- TODO: check
+ - nasm 2.15.04-1 (unimportant)
+ NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392645
+ NOTE: Crash in CLI tool, no security impact
CVE-2020-21686 (A stack-use-after-scope issue discovered in expand_mmac_params functio ...)
- TODO: check
+ - nasm 2.15.04-1
+ NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392643
CVE-2020-21685 (Buffer Overflow vulnerability in hash_findi function in hashtbl.c in n ...)
- TODO: check
+ - nasm 2.15.04-1
+ NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392644
CVE-2020-21684 (A global buffer overflow in the put_font in genpict2e.c of fig2dev 3.2 ...)
- fig2dev 1:3.2.8-1 (unimportant)
- transfig <removed>
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ddf2ab52a180e27b0bcbeccd424f2630f92b34f6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ddf2ab52a180e27b0bcbeccd424f2630f92b34f6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230825/13354ea7/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list