[Git][security-tracker-team/security-tracker][master] Associate several tsMuxer with a RFP bug for tsmuxer

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Nov 15 20:38:41 GMT 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2cdf226b by Salvatore Bonaccorso at 2024-11-15T21:37:05+01:00
Associate several tsMuxer with a RFP bug for tsmuxer

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -101607,9 +101607,9 @@ CVE-2023-5557 (A flaw was found in the tracker-miners package. A weakness in the
 CVE-2023-4562 (Improper Authentication vulnerability in Mitsubishi Electric Corporati ...)
 	NOT-FOR-US: Mitsubishi
 CVE-2023-45511 (A memory leak in tsMuxer version git-2539d07 allows attackers to cause ...)
-	NOT-FOR-US: tsMuxer
+	- tsmuxer <itp> (bug #761820)
 CVE-2023-45510 (tsMuxer version git-2539d07 was discovered to contain an alloc-dealloc ...)
-	NOT-FOR-US: tsMuxer
+	- tsmuxer <itp> (bug #761820)
 CVE-2023-41263 (An issue was discovered in Plixer Scrutinizer before 19.3.1. It expose ...)
 	NOT-FOR-US: Plixer Scrutinizer
 CVE-2023-41262 (An issue was discovered in /fcgi/scrut_fcgi.fcgi in Plixer Scrutinizer ...)
@@ -170340,7 +170340,7 @@ CVE-2022-43154
 CVE-2022-43153
 	RESERVED
 CVE-2022-43152 (tsMuxer v2.6.16 was discovered to contain a heap overflow via the func ...)
-	NOT-FOR-US: tsMuxer
+	- tsmuxer <itp> (bug #761820)
 CVE-2022-43151 (timg v1.4.4 was discovered to contain a memory leak via the function t ...)
 	- timg 1.4.5-1 (unimportant)
 	NOTE: https://github.com/hzeller/timg/issues/92
@@ -232803,15 +232803,15 @@ CVE-2021-45866 (A Stored Cross Site Scripting (XSS) vulnerability exists in Sour
 CVE-2021-45865 (A File Upload vulnerability exists in Sourcecodester Student Attendanc ...)
 	NOT-FOR-US: Sourcecodester Student Attendance Management System
 CVE-2021-45864 (tsMuxer git-c6a0277 was discovered to contain a segmentation fault via ...)
-	NOT-FOR-US: tsMuxer
+	- tsmuxer <itp> (bug #761820)
 CVE-2021-45863 (tsMuxer git-2678966 was discovered to contain a heap-based buffer over ...)
-	NOT-FOR-US: tsMuxer
+	- tsmuxer <itp> (bug #761820)
 CVE-2021-45862
 	RESERVED
 CVE-2021-45861 (There is an Assertion `num <= INT_BIT' failed at BitStreamReader::skip ...)
-	NOT-FOR-US: tsMuxer
+	- tsmuxer <itp> (bug #761820)
 CVE-2021-45860 (An integer overflow in DTSStreamReader::findFrame() of tsMuxer git-267 ...)
-	NOT-FOR-US: tsMuxer
+	- tsmuxer <itp> (bug #761820)
 CVE-2021-45859
 	RESERVED
 CVE-2021-45858
@@ -265227,11 +265227,11 @@ CVE-2021-35348
 CVE-2021-35347
 	RESERVED
 CVE-2021-35346 (tsMuxer v2.6.16 was discovered to contain a heap-based buffer overflow ...)
-	NOT-FOR-US: tsMuxer
+	- tsmuxer <itp> (bug #761820)
 CVE-2021-35345
 	RESERVED
 CVE-2021-35344 (tsMuxer v2.6.16 was discovered to contain a heap-based buffer overflow ...)
-	NOT-FOR-US: tsMuxer
+	- tsmuxer <itp> (bug #761820)
 CVE-2021-35343 (Cross-Site Request Forgery (CSRF) vulnerability in the /op/op.Ajax.php ...)
 	NOT-FOR-US: SeedDMS
 CVE-2021-35342 (The useradm service 1.14.0 (in Northern.tech Mender Enterprise 2.7.x b ...)
@@ -268188,15 +268188,15 @@ CVE-2021-34073 (A Cross Site Scripting (XSS) vulnerabilty exists in Sourcecodest
 CVE-2021-34072
 	RESERVED
 CVE-2021-34071 (Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause ...)
-	NOT-FOR-US: tsMuxer
+	- tsmuxer <itp> (bug #761820)
 CVE-2021-34070 (Out-of-bounds Read in tsMuxer 2.6.16 allows attackers to cause a Denia ...)
-	NOT-FOR-US: tsMuxer
+	- tsmuxer <itp> (bug #761820)
 CVE-2021-34069 (Divide-by-zero bug in tsMuxer 2.6.16 allows attackers to cause a Denia ...)
-	NOT-FOR-US: tsMuxer
+	- tsmuxer <itp> (bug #761820)
 CVE-2021-34068 (Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause ...)
-	NOT-FOR-US: tsMuxer
+	- tsmuxer <itp> (bug #761820)
 CVE-2021-34067 (Heap based buffer overflow in tsMuxer 2.6.16 allows attackers to cause ...)
-	NOT-FOR-US: tsMuxer
+	- tsmuxer <itp> (bug #761820)
 CVE-2021-34066 (An issue was discovered in EdgeGallery/developer before v1.0. There is ...)
 	NOT-FOR-US: EdgeGallery/developer
 CVE-2021-34065
@@ -287313,7 +287313,7 @@ CVE-2021-26807 (GalaxyClient version 2.0.28.9 loads unsigned DLLs such as zlib1.
 CVE-2021-26806
 	RESERVED
 CVE-2021-26805 (Buffer Overflow in tsMuxer 2.6.16 allows attackers to cause a Denial o ...)
-	NOT-FOR-US: tsMuxer
+	- tsmuxer <itp> (bug #761820)
 CVE-2021-26804 (Insecure Permissions in Centreon Web versions 19.10.18, 20.04.8, and 2 ...)
 	- centreon-web <itp> (bug #913903)
 CVE-2021-26803



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2cdf226bc8c14da57001095adb0818c58f53a544

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2cdf226bc8c14da57001095adb0818c58f53a544
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241115/b885c4ef/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list