[Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-36183/openimageio

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jul 4 16:38:00 BST 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1d724827 by Salvatore Bonaccorso at 2023-07-04T17:37:28+02:00
Update information on CVE-2023-36183/openimageio

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -59,11 +59,12 @@ CVE-2023-36223 (Cross Site Scripting vulnerability in mlogclub bbs-go v. 3.5.5.
 CVE-2023-36222 (Cross Site Scripting vulnerability in mlogclub bbs-go v. 3.5.5. and be ...)
 	NOT-FOR-US: mlogclub bbs-go
 CVE-2023-36183 (Buffer Overflow vulnerability in OpenImageIO v.2.4.12.0 and before all ...)
-	- openimageio <unfixed>
+	- openimageio 2.4.13.0+dfsg-1
 	[bookworm] - openimageio <no-dsa> (Minor issue)
 	[bullseye] - openimageio <no-dsa> (Minor issue)
 	NOTE: https://github.com/OpenImageIO/oiio/issues/3871
-	NOTE: https://github.com/OpenImageIO/oiio/commit/aad99bad9a4f6b965f99a291f9c67458c8c982e8
+	NOTE: https://github.com/OpenImageIO/oiio/commit/aad99bad9a4f6b965f99a291f9c67458c8c982e8 (master)
+	NOTE: https://github.com/OpenImageIO/oiio/commit/749a557b5eed75a1b1c728e6287e4ca8e2e0be1e (v2.4.13.0)
 CVE-2023-36162 (Cross Site Request Forgery vulnerability in ZZCMS v.2023 alows a remot ...)
 	NOT-FOR-US: ZZCMS
 CVE-2023-35935 (@fastify/oauth2, a wrapper around the `simple-oauth2` library, is vuln ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1d72482757c48ee175c98a7048b32bc2c08b3259

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1d72482757c48ee175c98a7048b32bc2c08b3259
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230704/82798e65/attachment.htm>

More information about the debian-security-tracker-commits mailing list