[Git][security-tracker-team/security-tracker][master] Add two mesa issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Mar 29 08:15:00 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
43bb45b1 by Salvatore Bonaccorso at 2024-03-29T09:14:39+01:00
Add two mesa issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -938,7 +938,9 @@ CVE-2023-45935 (Qt 6 through 6.6 was discovered to contain a NULL pointer derefe
 	NOTE: https://bugreports.qt.io/browse/QTBUG-115599
 	NOTE: https://codereview.qt-project.org/gitweb?p=qt%2Fqtbase.git;a=commit;h=df77d8939d1c04aa18833fe1e141bb71af1f8e04 (v6.5.3)
 CVE-2023-45931 (Mesa 23.0.4 was discovered to contain a NULL pointer dereference in ch ...)
-	TODO: check
+	- mesa <unfixed> (unimportant)
+	NOTE: https://gitlab.freedesktop.org/mesa/mesa/-/issues/9859
+	NOTE: Disputed and no reasonable security impact proven
 CVE-2023-45929 (S-Lang 2.3.2 was discovered to contain a segmentation fault via the fu ...)
 	TODO: check
 CVE-2023-45927 (S-Lang 2.3.2 was discovered to contain an arithmetic exception via the ...)
@@ -948,7 +950,9 @@ CVE-2023-45925 (GNU Midnight Commander 4.8.29-146-g299d9a2fb was discovered to c
 CVE-2023-45924 (libglxproto.c in OpenGL libglvnd bb06db5a was discovered to contain a  ...)
 	TODO: check
 CVE-2023-45922 (glx_pbuffer.c in Mesa 23.0.4 was discovered to contain a segmentation  ...)
-	TODO: check
+	- mesa <unfixed> (unimportant)
+	NOTE: https://gitlab.freedesktop.org/mesa/mesa/-/issues/9857
+	NOTE: Negligible security impact
 CVE-2023-45920 (Xfig v3.2.8 was discovered to contain a NULL pointer dereference when  ...)
 	TODO: check
 CVE-2023-45919 (Mesa 23.0.4 was discovered to contain a buffer over-read in glXQuerySe ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/43bb45b151a0f8433a5cb63a3311561a2b726d0f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/43bb45b151a0f8433a5cb63a3311561a2b726d0f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240329/c4980ea2/attachment.htm>

More information about the debian-security-tracker-commits mailing list