[Git][security-tracker-team/security-tracker][master] Update status for CVE-2021-36081/tesseract

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jan 5 13:56:49 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2041dd5f by Salvatore Bonaccorso at 2023-01-05T14:56:21+01:00
Update status for CVE-2021-36081/tesseract

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -111252,13 +111252,13 @@ CVE-2021-36082 (ntop nDPI 3.4 has a stack-based buffer overflow in processClient
 	NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/ndpi/OSV-2021-304.yaml
 	NOTE: https://github.com/ntop/nDPI/commit/1ec621c85b9411cc611652fd57a892cfef478af3
 CVE-2021-36081 (Tesseract OCR 5.0.0-alpha-20201231 has a one_ell_conflict use-after-fr ...)
-	- tesseract <unfixed> (bug #990529)
+	- tesseract 5.1.0-1 (bug #990529)
 	[bullseye] - tesseract <no-dsa> (Minor issue)
 	[buster] - tesseract <no-dsa> (Minor issue)
 	[stretch] - tesseract <no-dsa> (Minor issue)
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29698
 	NOTE: https://github.com/google/oss-fuzz-vulns/blob/main/vulns/tesseract-ocr/OSV-2021-211.yaml
-	NOTE: https://github.com/tesseract-ocr/tesseract/commit/e6f15621c2ab2ecbfabf656942d8ef66f03b2d55
+	NOTE: https://github.com/tesseract-ocr/tesseract/commit/e6f15621c2ab2ecbfabf656942d8ef66f03b2d55 (5.0.0-alpha-20210401)
 CVE-2021-36080 (GNU LibreDWG 0.12.3.4163 through 0.12.3.4191 has a double-free in bit_ ...)
 	- libredwg <itp> (bug #595191)
 CVE-2020-36407 (libavif 0.8.0 and 0.8.1 has an out-of-bounds write in avifDecoderDataF ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2041dd5fb3c9bf8088c2eb7b470eb2add0fecffb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2041dd5fb3c9bf8088c2eb7b470eb2add0fecffb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230105/f7159b1a/attachment.htm>

More information about the debian-security-tracker-commits mailing list