[Git][security-tracker-team/security-tracker][master] bugnums

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Dec 20 16:01:30 GMT 2023 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
13215d71 by Moritz Muehlenhoff at 2023-12-20T17:00:33+01:00
bugnums

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -2728,7 +2728,7 @@ CVE-2023-49465 (Libde265 v1.0.14 was discovered to contain a heap-buffer-overflo
 	- libde265 <unfixed>
 	NOTE: https://github.com/strukturag/libde265/issues/435
 CVE-2023-49464 (libheif v1.17.5 was discovered to contain a segmentation violation via ...)
-	- libheif <unfixed>
+	- libheif <unfixed> (bug #1059151)
 	[bookworm] - libheif <no-dsa> (Minor issue)
 	[bullseye] - libheif <no-dsa> (Minor issue)
 	[buster] - libheif <not-affected> (Vulnerable code not present)
@@ -2736,21 +2736,21 @@ CVE-2023-49464 (libheif v1.17.5 was discovered to contain a segmentation violati
 	NOTE: https://github.com/strukturag/libheif/pull/1049
 	NOTE: https://github.com/strukturag/libheif/commit/2bf226a300951e6897ee7267d0dd379ba5ad7287
 CVE-2023-49463 (libheif v1.17.5 was discovered to contain a segmentation violation via ...)
-	- libheif <unfixed>
+	- libheif <unfixed> (bug #1059151)
 	[bookworm] - libheif <no-dsa> (Minor issue)
 	[bullseye] - libheif <no-dsa> (Minor issue)
 	[buster] - libheif <not-affected> (Vulnerable code not present)
 	NOTE: https://github.com/strukturag/libheif/issues/1042
 	NOTE: https://github.com/strukturag/libheif/commit/26ec3953d46bb5756b97955661565bcbc6647abf
 CVE-2023-49462 (libheif v1.17.5 was discovered to contain a segmentation violation via ...)
-	- libheif <unfixed>
+	- libheif <unfixed> (bug #1059151)
 	[bookworm] - libheif <no-dsa> (Minor issue)
 	[bullseye] - libheif <no-dsa> (Minor issue)
 	[buster] - libheif <not-affected> (Vulnerable code not present)
 	NOTE: https://github.com/strukturag/libheif/issues/1043
 	NOTE: https://github.com/strukturag/libheif/commit/730a9d80bea3434f75c79e721878cc67f3889969
 CVE-2023-49460 (libheif v1.17.5 was discovered to contain a segmentation violation via ...)
-	- libheif <unfixed>
+	- libheif <unfixed> (bug #1059151)
 	[bookworm] - libheif <no-dsa> (Minor issue)
 	[bullseye] - libheif <no-dsa> (Minor issue)
 	[buster] - libheif <not-affected> (Vulnerable code not present)
@@ -235358,25 +235358,25 @@ CVE-2020-24297 (httpd on TP-Link TL-WPA4220 devices (versions 2 through 4) allow
 CVE-2020-24296
 	RESERVED
 CVE-2020-24295 (Buffer Overflow vulnerability in PSDParser.cpp::ReadImageLine() in Fre ...)
-	- freeimage <unfixed>
+	- freeimage <unfixed> (bug #1059152)
 	[bookworm] - freeimage <postponed> (Revisit when patches are available)
 	[bullseye] - freeimage <postponed> (Revisit when patches are available)
 	[buster] - freeimage <postponed> (Revisit when patches are available)
 	NOTE: https://sourceforge.net/p/freeimage/discussion/36111/thread/afb98701eb/
 CVE-2020-24294 (Buffer Overflow vulnerability in psdParser::UnpackRLE function in PSDP ...)
-	- freeimage <unfixed>
+	- freeimage <unfixed> (bug #1059152)
 	[bookworm] - freeimage <postponed> (Revisit when patches are available)
 	[bullseye] - freeimage <postponed> (Revisit when patches are available)
 	[buster] - freeimage <postponed> (Revisit when patches are available)
 	NOTE: https://sourceforge.net/p/freeimage/discussion/36111/thread/afb98701eb/
 CVE-2020-24293 (Buffer Overflow vulnerability in psdThumbnail::Read in PSDParser.cpp i ...)
-	- freeimage <unfixed>
+	- freeimage <unfixed> (bug #1059152)
 	[bookworm] - freeimage <postponed> (Revisit when patches are available)
 	[bullseye] - freeimage <postponed> (Revisit when patches are available)
 	[buster] - freeimage <postponed> (Revisit when patches are available)
 	NOTE: https://sourceforge.net/p/freeimage/discussion/36111/thread/afb98701eb/
 CVE-2020-24292 (Buffer Overflow vulnerability in load function in PluginICO.cpp in Fre ...)
-	- freeimage <unfixed>
+	- freeimage <unfixed> (bug #1059152)
 	[bookworm] - freeimage <postponed> (Revisit when patches are available)
 	[bullseye] - freeimage <postponed> (Revisit when patches are available)
 	[buster] - freeimage <postponed> (Revisit when patches are available)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/13215d71ff790e689024c2d5d2afdcbefabc6412

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/13215d71ff790e689024c2d5d2afdcbefabc6412
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231220/6e782dab/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list