[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-0478,aom: Mark buster and bullseye as ignored

Markus Koschany (@apo) apo at debian.org
Tue Sep 5 23:28:33 BST 2023 


Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d500da7f by Markus Koschany at 2023-09-06T00:19:20+02:00
CVE-2020-0478,aom: Mark buster and bullseye as ignored

I explored the possibility to upgrade aom to version 1.0.0.errata1.avif-1. This
was not feasible because the version changes the ABI (#997806).

Looking at the huge diff which is mentioned in the security advisory, the
solution for CVE-2020-0478 seems to be to introduce a new configuration option
called CONFIG_AV1_HIGHBITDEPTH which is set to 1 by default. I don't think that
backporting this switch is useful enough as long as it is enabled by default.
It is not clear if there would be possible repercussions for r-deps. Hence I
tend to ignore this issue.

- - - - -
d78b3da9 by Markus Koschany at 2023-09-06T00:28:13+02:00
Reserve DLA-3556-1 for aom

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -169580,19 +169580,16 @@ CVE-2021-3486 (GLPi 9.5.4 does not sanitize the metadata. This way its possible
 CVE-2021-30475 (aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24 has a buf ...)
 	[experimental] - aom 3.2.0-1~exp1
 	- aom 3.2.0-1
-	[buster] - aom <no-dsa> (Minor issue)
 	NOTE: https://aomedia.googlesource.com/aom/+/12adc723acf02633595a4d8da8345742729f46c0
 	NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2999
 CVE-2021-30474 (aom_dsp/grain_table.c in libaom in AOMedia before 2021-03-30 has a use ...)
 	[experimental] - aom 3.2.0-1~exp1
 	- aom 3.2.0-1
-	[buster] - aom <no-dsa> (Minor issue)
 	NOTE: https://aomedia.googlesource.com/aom/+/6e31957b6dc62dbc7d1bb70cd84902dd14c4bf2e
 	NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=3000
 CVE-2021-30473 (aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that i ...)
 	[experimental] - aom 3.2.0-1~exp1
 	- aom 3.2.0-1 (bug #988211)
-	[buster] - aom <no-dsa> (Minor issue)
 	NOTE: https://aomedia.googlesource.com/aom/+/d0cac70b542c38accd916f8afd13592d34c48963%5E%21/
 	NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2998
 CVE-2021-30472 (A flaw was found in PoDoFo 0.9.7. A stack-based buffer overflow in Pdf ...)
@@ -191763,7 +191760,6 @@ CVE-2020-36136 (SQL Injection vulnerability in cskaza cszcms version 1.2.9, allo
 	NOT-FOR-US: cskaza cszcms
 CVE-2020-36135 (AOM v2.0.1 was discovered to contain a NULL pointer dereference via th ...)
 	- aom 3.2.0-1
-	[buster] - aom <no-dsa> (Minor issue)
 	NOTE: https://aomedia.googlesource.com/aom/+/94bcbfe76b0fd5b8ac03645082dc23a88730c949 (v2.1.0-rc1)
 	NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2910&q=&can=1
 	NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2911
@@ -191775,19 +191771,16 @@ CVE-2020-36134 (AOM v2.0.1 was discovered to contain a segmentation violation vi
 	NOTE: Fixed by: https://aomedia.googlesource.com/aom/+/5a1b33b710050b69557d26cf53d4943325481beb (v2.1.0-rc1)
 CVE-2020-36133 (AOM v2.0.1 was discovered to contain a global buffer overflow via the  ...)
 	- aom 3.2.0-1
-	[buster] - aom <no-dsa> (Minor issue)
 	NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2913&q=&can=1
 	NOTE: https://aomedia.googlesource.com/aom/+/5c9bc4181071684d157fc47c736acf6c69a85d85 (v3.2.0-rc1)
 CVE-2020-36132
 	RESERVED
 CVE-2020-36131 (AOM v2.0.1 was discovered to contain a stack buffer overflow via the c ...)
 	- aom 3.2.0-1
-	[buster] - aom <no-dsa> (Minor issue)
 	NOTE: https://aomedia.googlesource.com/aom/+/94bcbfe76b0fd5b8ac03645082dc23a88730c949 (v2.1.0-rc1)
 	NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2911&q=&can=1
 CVE-2020-36130 (AOM v2.0.1 was discovered to contain a NULL pointer dereference via th ...)
 	- aom 3.2.0-1
-	[buster] - aom <no-dsa> (Minor issue)
 	NOTE: https://aomedia.googlesource.com/aom/+/be4ee75fd762d361d0679cc892e4c74af8140093%5E%21/#F0 (v2.1.0-rc1)
 	NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2905&q=&can=1
 CVE-2020-36129 (AOM v2.0.1 was discovered to contain a stack buffer overflow via the c ...)
@@ -280832,7 +280825,8 @@ CVE-2020-0479 (In callUnchecked of DocumentsProvider.java, there is a possible p
 	NOT-FOR-US: Android
 CVE-2020-0478 (In extend_frame_lowbd of restoration.c, there is a possible out of bou ...)
 	- aom 1.0.0.errata1.avif-1
-	[buster] - aom <no-dsa> (Minor issue)
+	[bullseye] - aom <ignored> (Minor issue)
+	[buster] - aom <ignored> (Minor issue)
 	NOTE: https://android.googlesource.com/platform/external/libaom/+/816f15265cb89a02d7ce4b657de277828e71a4b1
 	NOTE: https://source.android.com/security/bulletin/pixel/2020-12-01
 	NOTE: https://aomedia.googlesource.com/aom/+/ebba9c769be2c99d5396d0018901e9a4af5e2d2c (v1.0.0-errata1-avif)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[06 Sep 2023] DLA-3556-1 aom - security update
+	{CVE-2020-36130 CVE-2020-36131 CVE-2020-36133 CVE-2020-36135 CVE-2021-30473 CVE-2021-30474 CVE-2021-30475}
+	[buster] - aom 1.0.0-3+deb10u1
 [05 Sep 2023] DLA-3555-1 php7.3 - security update
 	{CVE-2023-3823 CVE-2023-3824}
 	[buster] - php7.3 7.3.31-1~deb10u5


=====================================
data/dla-needed.txt
=====================================
@@ -25,9 +25,6 @@ amanda (Thorsten Alteholz)
   NOTE: 20230730: Added by Front-Desk (apo)
   NOTE: 20230827: still testing package (ta)
 --
-aom (Markus Koschany)
-  NOTE: 20230823: Added by Front-Desk (apo)
---
 c-ares (Utkarsh)
   NOTE: 20230826: Added by Front-Desk (utkarsh)
   NOTE: 20230826: it's a heap buffer overflow. Have mixed feelings about this one. Will look thoroughly. (utkarsh)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9ac31b023d3f06d5e1b69207ec5c0c3cb767d5eb...d78b3da980af03d7654e63aca66305f83db11079

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9ac31b023d3f06d5e1b69207ec5c0c3cb767d5eb...d78b3da980af03d7654e63aca66305f83db11079
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230905/05dd511f/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list