[Git][security-tracker-team/security-tracker][master] CVE-2022-40090/tiff: buster postponed; drop tiff from work queue
Sylvain Beucler (@beuc)
beuc at debian.org
Tue Sep 26 10:56:44 BST 2023
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
476b35fb by Sylvain Beucler at 2023-09-26T11:56:22+02:00
CVE-2022-40090/tiff: buster postponed; drop tiff from work queue
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -72907,6 +72907,7 @@ CVE-2022-40091 (Online Tours & Travels Management System v1.0 was discovered to
CVE-2022-40090 (An issue was discovered in function TIFFReadDirectory libtiff before 4 ...)
- tiff 4.5.0-2
[bullseye] - tiff <no-dsa> (Minor issue)
+ [buster] - tiff <postponed> (Minor issue, DoS)
NOTE: https://gitlab.com/libtiff/libtiff/-/issues/455
NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/386
NOTE: https://gitlab.com/libtiff/libtiff/-/commit/d093eb5d961e21ba51420bc22382c514683a4d91 (v4.5.0rc1)
=====================================
data/dla-needed.txt
=====================================
@@ -228,9 +228,6 @@ suricata (tobi)
NOTE: 20230714: Still reviewing+testing CVEs. (bunk)
NOTE: 20230731: Still reviewing+testing CVEs. (bunk)
--
-tiff (Sylvain Beucler)
- NOTE: 20230826: Added by Front-Desk (utkarsh)
---
trafficserver (Adrian Bunk)
NOTE: 20230826: Added by Front-Desk (utkarsh)
NOTE: 20230826: have pinged Leo in Ubuntu to clarify the status on the
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/476b35fb286685bce419c3b3c9c64f781fcce523
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/476b35fb286685bce419c3b3c9c64f781fcce523
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230926/a6f9e727/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list