[Git][security-tracker-team/security-tracker][master] Tagged a few CVEs for freeimage as postponed.
Ola Lundqvist (@opal)
opal at debian.org
Wed Apr 10 21:19:39 BST 2024
Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d20822ee by Ola Lundqvist at 2024-04-10T22:19:21+02:00
Tagged a few CVEs for freeimage as postponed.
Postponed because they are of DoS class and all reverse dependencies are
tools used by a human that should know the input data. One can even question
whether that should even be considered a security issue. In any case it
is nothing that warrant any immediate attention.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6974,6 +6974,7 @@ CVE-2024-28584 (Null Pointer Dereference vulnerability in open source FreeImage
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in tool)
NOTE: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28583 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
@@ -6999,6 +7000,7 @@ CVE-2024-28579 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in tool)
NOTE: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28578 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
@@ -7009,31 +7011,37 @@ CVE-2024-28577 (Null Pointer Dereference vulnerability in open source FreeImage
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in tool)
NOTE: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28576 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in tool)
NOTE: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28575 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in tool)
NOTE: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28574 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in tool)
NOTE: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28573 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in tool)
NOTE: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28572 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in tool)
NOTE: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28571 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
@@ -7044,6 +7052,7 @@ CVE-2024-28570 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in tool)
NOTE: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28569 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
@@ -7054,11 +7063,13 @@ CVE-2024-28568 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in tool)
NOTE: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28567 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in tool)
NOTE: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28566 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
@@ -7069,16 +7080,19 @@ CVE-2024-28565 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in tool)
NOTE: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28564 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in tool)
NOTE: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28563 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low severity DoS in tool)
NOTE: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28562 (Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d20822ee84db3e974bbab954664d5dc70194341e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d20822ee84db3e974bbab954664d5dc70194341e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240410/942cbec3/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list