[Git][security-tracker-team/security-tracker][master] Update information for 3 imlib2 CVEs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Feb 12 20:26:32 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
726f7775 by Salvatore Bonaccorso at 2024-02-12T21:25:49+01:00
Update information for 3 imlib2 CVEs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -201,11 +201,20 @@ CVE-2024-25452 (Bento4 v1.6.0-640 was discovered to contain an out-of-memory bug
CVE-2024-25451 (Bento4 v1.6.0-640 was discovered to contain an out-of-memory bug via t ...)
NOT-FOR-US: Bento4
CVE-2024-25450 (imlib2 v1.9.1 was discovered to mishandle memory allocation in the fun ...)
- TODO: check
+ - imlib2 1.10.0-2
+ NOTE: https://github.com/derf/feh/issues/712
+ NOTE: https://git.enlightenment.org/old/legacy-imlib2/issues/20
+ NOTE: Fixed by: https://git.enlightenment.org/old/legacy-imlib2/commit/e9c09deb08047c9e902ce37144e82b6edb8aedb6 (v1.10.0)
CVE-2024-25448 (An issue in the imlib_free_image_and_decache function of imlib2 v1.9.1 ...)
- TODO: check
+ - imlib2 1.10.0-2
+ NOTE: https://github.com/derf/feh/issues/711
+ NOTE: https://git.enlightenment.org/old/legacy-imlib2/issues/20
+ NOTE: Fixed by: https://git.enlightenment.org/old/legacy-imlib2/commit/e9c09deb08047c9e902ce37144e82b6edb8aedb6 (v1.10.0)
CVE-2024-25447 (An issue in the imlib_load_image_with_error_return function of imlib2 ...)
- TODO: check
+ - imlib2 1.10.0-2
+ NOTE: https://github.com/derf/feh/issues/709
+ NOTE: https://git.enlightenment.org/old/legacy-imlib2/issues/20
+ NOTE: Fixed by: https://git.enlightenment.org/old/legacy-imlib2/commit/e9c09deb08047c9e902ce37144e82b6edb8aedb6 (v1.10.0)
CVE-2024-25446 (An issue in the HuginBase::PTools::setDestImage function of Hugin v202 ...)
- hugin 2023.0~beta1+dfsg-1 (unimportant)
NOTE: Crash in CLI tool, no security impact
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/726f77754eba5dc5a7300678f48146b031dd8023
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/726f77754eba5dc5a7300678f48146b031dd8023
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240212/7d384d35/attachment.htm>
More information about the debian-security-tracker-commits
mailing list