[Git][security-tracker-team/security-tracker][master] Update information on some older upc-ucl issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jan 12 21:40:30 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
97d2be57 by Salvatore Bonaccorso at 2024-01-12T22:04:59+01:00
Update information on some older upc-ucl issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -156841,37 +156841,37 @@ CVE-2021-43319 (Zoho ManageEngine Network Configuration Manager before 125488 is
CVE-2021-43318
RESERVED
CVE-2021-43317 (A heap-based buffer overflows was discovered in upx, during the generi ...)
- - upx-ucl <unfixed> (unimportant)
+ - upx-ucl 4.2.2-1 (unimportant)
NOTE: https://github.com/upx/upx/issues/380
NOTE: https://github.com/upx/upx/commit/b327645e648d46c8730be80730a171cf74cfe338
NOTE: Crash in CLI tool, no security impact
CVE-2021-43316 (A heap-based buffer overflow was discovered in upx, during the generic ...)
- - upx-ucl <unfixed> (unimportant)
+ - upx-ucl 4.2.2-1 (unimportant)
NOTE: https://github.com/upx/upx/issues/381
NOTE: https://github.com/upx/upx/commit/962c35aa08ef3dcee13d3f7ef6e2d845da912f25
NOTE: Crash in CLI tool, no security impact
CVE-2021-43315 (A heap-based buffer overflows was discovered in upx, during the generi ...)
- - upx-ucl <unfixed> (unimportant)
+ - upx-ucl 4.2.2-1 (unimportant)
NOTE: https://github.com/upx/upx/issues/380
NOTE: https://github.com/upx/upx/commit/b327645e648d46c8730be80730a171cf74cfe338
NOTE: Crash in CLI tool, no security impact
CVE-2021-43314 (A heap-based buffer overflows was discovered in upx, during the generi ...)
- - upx-ucl <unfixed> (unimportant)
+ - upx-ucl 4.2.2-1 (unimportant)
NOTE: https://github.com/upx/upx/issues/380
NOTE: https://github.com/upx/upx/commit/b327645e648d46c8730be80730a171cf74cfe338
NOTE: Crash in CLI tool, no security impact
CVE-2021-43313 (A heap-based buffer overflow was discovered in upx, during the variabl ...)
- - upx-ucl <unfixed> (unimportant)
+ - upx-ucl 4.2.2-1 (unimportant)
NOTE: https://github.com/upx/upx/issues/378
NOTE: https://github.com/upx/upx/commit/828a6cf07b69bc7314e888d7b76f0eafe125a3f6
NOTE: Crash in CLI tool, no security impact
CVE-2021-43312 (A heap-based buffer overflow was discovered in upx, during the variabl ...)
- - upx-ucl <unfixed> (unimportant)
+ - upx-ucl 4.2.2-1 (unimportant)
NOTE: https://github.com/upx/upx/issues/379
NOTE: https://github.com/upx/upx/commit/828a6cf07b69bc7314e888d7b76f0eafe125a3f6
NOTE: Crash in CLI tool, no security impact
CVE-2021-43311 (A heap-based buffer overflow was discovered in upx, during the generic ...)
- - upx-ucl <unfixed> (unimportant)
+ - upx-ucl 4.2.2-1 (unimportant)
NOTE: https://github.com/upx/upx/issues/380
NOTE: https://github.com/upx/upx/commit/b327645e648d46c8730be80730a171cf74cfe338
NOTE: Crash in CLI tool, no security impact
@@ -192248,14 +192248,14 @@ CVE-2021-3493 (The overlayfs implementation in the linux kernel did not properly
[stretch] - linux <not-affected> (Unprivileged users cannot mount overlayfs)
NOTE: https://www.openwall.com/lists/oss-security/2021/04/16/1
CVE-2021-30501 (An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in ...)
- - upx-ucl <unfixed> (unimportant)
+ - upx-ucl 4.2.2-1 (unimportant)
NOTE: https://github.com/upx/upx/issues/486
NOTE: https://github.com/upx/upx/pull/487
- NOTE: https://github.com/upx/upx/commit/28e761cd42211dfe0124b7a29b2f74730f453e46
+ NOTE: https://github.com/upx/upx/commit/bf957f435ee59e3c0d7cc2c4fb27907d2e7829ed (v3.99)
CVE-2021-30500 (Null pointer dereference was found in upx PackLinuxElf::canUnpack() in ...)
- - upx-ucl <unfixed> (unimportant)
+ - upx-ucl 4.2.2-1 (unimportant)
NOTE: https://github.com/upx/upx/issues/485
- NOTE: https://github.com/upx/upx/commit/90279abdfcd235172eab99651043051188938dcc
+ NOTE: https://github.com/upx/upx/commit/be050693f229d629f56650f67f612fc68e285600 (v3.99)
CVE-2021-30499 (A flaw was found in libcaca. A buffer overflow of export.c in function ...)
- libcaca 0.99.beta19-3 (bug #987278)
[bullseye] - libcaca <no-dsa> (Minor issue)
@@ -219041,9 +219041,9 @@ CVE-2021-20286 (A flaw was found in libnbd 1.7.3. An assertion failure in nbd_un
NOTE: Fixed by: https://gitlab.com/nbdkit/libnbd/-/commit/2216190ecbbd853648df6a3280c17b345b0907a0 (v1.6.2)
NOTE: Fixed by: https://gitlab.com/nbdkit/libnbd/-/commit/fb4440de9cc76e9c14bd3ddf3333e78621f40ad0 (v1.7.3)
CVE-2021-20285 (A flaw was found in upx canPack in p_lx_elf.cpp in UPX 3.96. This flaw ...)
- - upx-ucl <unfixed> (unimportant)
+ - upx-ucl 4.2.2-1 (unimportant)
NOTE: https://github.com/upx/upx/issues/421
- NOTE: https://github.com/upx/upx/commit/3781df9da23840e596d5e9e8493f22666802fe6c
+ NOTE: https://github.com/upx/upx/commit/13bc031163863cb3866aa6cdc018dff0697aa5d4 (v3.99)
CVE-2021-20284 (A flaw was found in GNU Binutils 2.35.1, where there is a heap-based b ...)
- binutils 2.37-3 (unimportant)
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=26931
@@ -230581,33 +230581,33 @@ CVE-2020-27804
CVE-2020-27803
RESERVED
CVE-2020-27802 (An floating point exception was discovered in the elf_lookup function ...)
- - upx-ucl <unfixed> (unimportant)
+ - upx-ucl 4.2.2-1 (unimportant)
NOTE: https://github.com/upx/upx/issues/393
NOTE: https://github.com/upx/upx/commit/8d1d605b3d8c49bdfe9376454f0196738bed8166
CVE-2020-27801 (A heap-based buffer over-read was discovered in the get_le64 function ...)
- - upx-ucl <unfixed> (unimportant)
+ - upx-ucl 4.2.2-1 (unimportant)
NOTE: https://github.com/upx/upx/issues/394
- NOTE: https://github.com/upx/upx/commit/49edccd7165696dcc0bf79f50cae4011313ddd28
+ NOTE: https://github.com/upx/upx/commit/cc9ccdbbd12eb1fe2d926667d0427c63e95a0ca6
CVE-2020-27800 (A heap-based buffer over-read was discovered in the get_le32 function ...)
- - upx-ucl <unfixed> (unimportant)
+ - upx-ucl 4.2.2-1 (unimportant)
NOTE: https://github.com/upx/upx/issues/395
- NOTE: https://github.com/upx/upx/commit/76cd518110a9e7597363012ff4e31bcd526a081e
+ NOTE: https://github.com/upx/upx/commit/cc60f03b2eae1626155d0b6d97a2d9d7529616c7
CVE-2020-27799 (A heap-based buffer over-read was discovered in the acc_ua_get_be32 fu ...)
- - upx-ucl <unfixed> (unimportant)
+ - upx-ucl 4.2.2-1 (unimportant)
NOTE: https://github.com/upx/upx/issues/391
- NOTE: https://github.com/upx/upx/commit/8764fdc24c31c21dc43b2a2f99eb8c48a34e5e9c
+ NOTE: https://github.com/upx/upx/commit/4e2fdb464a885c694408552c31739cb04b77bdcf
CVE-2020-27798 (An invalid memory address reference was discovered in the adjABS funct ...)
- - upx-ucl <unfixed> (unimportant)
+ - upx-ucl 4.2.2-1 (unimportant)
NOTE: https://github.com/upx/upx/issues/396
- NOTE: https://github.com/upx/upx/commit/624eb22d743db206f689a411a2272080b0d7f94f
+ NOTE: https://github.com/upx/upx/commit/77c914bce58aab9459029bed699f2bfb7ff2f90f
CVE-2020-27797 (An invalid memory address reference was discovered in the elf_lookup f ...)
- - upx-ucl <unfixed> (unimportant)
+ - upx-ucl 4.2.2-1 (unimportant)
NOTE: https://github.com/upx/upx/issues/390
- NOTE: https://github.com/upx/upx/commit/7d093174597483053e95f07d9f4614024c09890e
+ NOTE: https://github.com/upx/upx/commit/73b854874e723f38e84e5ff57a9eeb99653ca74c
CVE-2020-27796 (A heap-based buffer over-read was discovered in the invert_pt_dynamic ...)
- - upx-ucl <unfixed> (unimportant)
+ - upx-ucl 4.2.2-1 (unimportant)
NOTE: https://github.com/upx/upx/issues/392
- NOTE: https://github.com/upx/upx/commit/7d093174597483053e95f07d9f4614024c09890e
+ NOTE: https://github.com/upx/upx/commit/73b854874e723f38e84e5ff57a9eeb99653ca74c
CVE-2020-27795 (A segmentation fault was discovered in radare2 with adf command. In li ...)
- radare2 5.0.0+dfsg-1
NOTE: https://github.com/radareorg/radare2/commit/4d3811681a80f92a53e795f6a64c4b0fc2c8dd22 (4.4.0)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97d2be579e16b8abddc41e36019cab3611dbc97a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97d2be579e16b8abddc41e36019cab3611dbc97a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240112/f2f64c81/attachment.htm>
More information about the debian-security-tracker-commits
mailing list