[Git][security-tracker-team/security-tracker][master] Add CVE-2020-18768/tiff
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Aug 26 08:28:59 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
99f347c8 by Salvatore Bonaccorso at 2023-08-26T09:28:30+02:00
Add CVE-2020-18768/tiff
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -227048,7 +227048,10 @@ CVE-2020-18770 (An issue was discovered in function zzip_disk_entry_to_file_head
CVE-2020-18769
RESERVED
CVE-2020-18768 (There exists one heap buffer overflow in _TIFFmemcpy in tif_unix.c in ...)
- TODO: check
+ - tiff 4.0.10+git190814-1
+ NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2848
+ NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/72
+ NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/-/commit/1fb9e731ef3e4ceb7af128ce298adb271088064f (v4.1.0)
CVE-2020-18767
RESERVED
CVE-2020-18766 (A cross-site scripting (XSS) vulnerability AntSword v2.0.7 can remotel ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/99f347c869671295e0f245e3a899398dbaa5d581
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/99f347c869671295e0f245e3a899398dbaa5d581
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230826/6bbdc445/attachment.htm>
More information about the debian-security-tracker-commits
mailing list