[Git][security-tracker-team/security-tracker][master] Track fixed version for three libde265 issues fixed via unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Feb 3 04:58:01 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ac4f4ef7 by Salvatore Bonaccorso at 2023-02-03T05:57:31+01:00
Track fixed version for three libde265 issues fixed via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -26472,8 +26472,9 @@ CVE-2022-43250 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow
NOTE: https://github.com/strukturag/libde265/issues/346
CVE-2022-43249 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ...)
{DLA-3280-1}
- - libde265 <unfixed> (bug #1027179)
+ - libde265 1.0.11-1 (bug #1027179)
NOTE: https://github.com/strukturag/libde265/issues/345
+ NOTE: https://github.com/strukturag/libde265/pull/373
CVE-2022-43248 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ...)
{DLA-3280-1}
- libde265 1.0.9-1.1 (bug #1025816)
@@ -26484,8 +26485,9 @@ CVE-2022-43246
RESERVED
CVE-2022-43245 (Libde265 v1.0.8 was discovered to contain a segmentation violation via ...)
{DLA-3280-1}
- - libde265 <unfixed> (bug #1029357)
+ - libde265 1.0.11-1 (bug #1029357)
NOTE: https://github.com/strukturag/libde265/issues/352
+ NOTE: https://github.com/strukturag/libde265/commit/ad291690a8c92218b9e86738edd45ed64736b246 (v1.0.10)
CVE-2022-43244 (Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulne ...)
{DLA-3280-1}
- libde265 1.0.9-1.1 (bug #1027179)
@@ -186301,10 +186303,11 @@ CVE-2020-21597 (libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma
NOTE: https://github.com/strukturag/libde265/issues/238
CVE-2020-21596 (libde265 v1.0.4 contains a global buffer overflow in the decode_CABAC_ ...)
{DLA-3280-1}
- - libde265 <unfixed> (bug #1029397)
+ - libde265 1.0.11-1 (bug #1029397)
[bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
[stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream)
NOTE: https://github.com/strukturag/libde265/issues/236
+ NOTE: https://github.com/strukturag/libde265/commit/6751f4e3c8c7af63d0036fedd506b7932630773c (v1.0.10)
CVE-2020-21595 (libde265 v1.0.4 contains a heap buffer overflow in the mc_luma functio ...)
{DLA-3240-1}
- libde265 1.0.9-1 (bug #1014999)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac4f4ef76d4c9f3751ac59a4a169476adb66fb9c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac4f4ef76d4c9f3751ac59a4a169476adb66fb9c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230203/8fa4fa4d/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list