[Git][security-tracker-team/security-tracker][master] Add upstream tag information for libheif issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Dec 27 08:09:19 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8dbaa174 by Salvatore Bonaccorso at 2023-12-27T09:08:49+01:00
Add upstream tag information for libheif issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3819,28 +3819,28 @@ CVE-2023-49464 (libheif v1.17.5 was discovered to contain a segmentation violati
[buster] - libheif <not-affected> (Vulnerable code not present)
NOTE: https://github.com/strukturag/libheif/issues/1044
NOTE: https://github.com/strukturag/libheif/pull/1049
- NOTE: https://github.com/strukturag/libheif/commit/2bf226a300951e6897ee7267d0dd379ba5ad7287
+ NOTE: https://github.com/strukturag/libheif/commit/2bf226a300951e6897ee7267d0dd379ba5ad7287 (v1.17.6)
CVE-2023-49463 (libheif v1.17.5 was discovered to contain a segmentation violation via ...)
- libheif 1.17.6-1 (bug #1059151)
[bookworm] - libheif <no-dsa> (Minor issue)
[bullseye] - libheif <no-dsa> (Minor issue)
[buster] - libheif <not-affected> (Vulnerable code not present)
NOTE: https://github.com/strukturag/libheif/issues/1042
- NOTE: https://github.com/strukturag/libheif/commit/26ec3953d46bb5756b97955661565bcbc6647abf
+ NOTE: https://github.com/strukturag/libheif/commit/26ec3953d46bb5756b97955661565bcbc6647abf (v1.17.6)
CVE-2023-49462 (libheif v1.17.5 was discovered to contain a segmentation violation via ...)
- libheif 1.17.6-1 (bug #1059151)
[bookworm] - libheif <no-dsa> (Minor issue)
[bullseye] - libheif <no-dsa> (Minor issue)
[buster] - libheif <not-affected> (Vulnerable code not present)
NOTE: https://github.com/strukturag/libheif/issues/1043
- NOTE: https://github.com/strukturag/libheif/commit/730a9d80bea3434f75c79e721878cc67f3889969
+ NOTE: https://github.com/strukturag/libheif/commit/730a9d80bea3434f75c79e721878cc67f3889969 (v1.17.6)
CVE-2023-49460 (libheif v1.17.5 was discovered to contain a segmentation violation via ...)
- libheif 1.17.6-1 (bug #1059151)
[bookworm] - libheif <no-dsa> (Minor issue)
[bullseye] - libheif <no-dsa> (Minor issue)
[buster] - libheif <not-affected> (Vulnerable code not present)
NOTE: https://github.com/strukturag/libheif/issues/1046
- NOTE: https://github.com/strukturag/libheif/commit/fd5b02aca3e29088bf0a1fc400bd661be4a6ed76
+ NOTE: https://github.com/strukturag/libheif/commit/fd5b02aca3e29088bf0a1fc400bd661be4a6ed76 (v1.17.6)
CVE-2023-49437 (Tenda AX12 V22.03.01.46 has been discovered to contain a command injec ...)
NOT-FOR-US: Tenda
CVE-2023-49436 (Tenda AX9 V22.03.01.46 has been discovered to contain a command inject ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8dbaa17471080cc17308237415411056bb94175e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8dbaa17471080cc17308237415411056bb94175e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231227/d8bbdea7/attachment.htm>
More information about the debian-security-tracker-commits
mailing list