[Git][security-tracker-team/security-tracker][master] jpeg-xl fixed in sid

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Dec 26 18:45:27 GMT 2024



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7145d317 by Moritz Muehlenhoff at 2024-12-26T19:44:58+01:00
jpeg-xl fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7110,13 +7110,13 @@ CVE-2024-11646 (A vulnerability classified as critical was found in 1000 Project
 	NOT-FOR-US: 1000 Projects Beauty Parlour Management System
 CVE-2024-11498 (There exists a stack buffer overflow in libjxl.A specifically-crafted  ...)
 	[experimental] - jpeg-xl 0.10.4-1
-	- jpeg-xl <unfixed> (bug #1088818)
+	- jpeg-xl 0.10.4-2 (bug #1088818)
 	[bookworm] - jpeg-xl <no-dsa> (Minor issue)
 	NOTE: https://github.com/libjxl/libjxl/pull/3943
 	NOTE: https://github.com/libjxl/libjxl/commit/bf4781a2eed2eef664790170977d1d3d8347efb9
 CVE-2024-11403 (There exists an out of bounds read/write in LibJXL versions prior to c ...)
 	[experimental] - jpeg-xl 0.10.4-1
-	- jpeg-xl <unfixed> (bug #1088818)
+	- jpeg-xl 0.10.4-2 (bug #1088818)
 	NOTE: https://github.com/libjxl/libjxl/commit/9cc451b91b74ba470fd72bd48c121e9f33d24c99
 CVE-2024-10710 (The YaDisk Files WordPress plugin through 1.2.5 does not sanitise and  ...)
 	NOT-FOR-US: WordPress plugin



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7145d31789201cb4e9411eac99edbd6b1159072a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7145d31789201cb4e9411eac99edbd6b1159072a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241226/478b71be/attachment.htm>


More information about the debian-security-tracker-commits mailing list