[Git][security-tracker-team/security-tracker][master] Add upstream bugs for freeimage's CVE-2023-47993 and CVE-2023-47994
Santiago R.R. (@santiago)
santiago at debian.org
Tue Oct 1 02:54:08 BST 2024
Santiago R.R. pushed to branch master at Debian Security Tracker / security-tracker
Commits:
98c0aac6 by Santiago Ruano Rincón at 2024-09-30T22:53:43-03:00
Add upstream bugs for freeimage's CVE-2023-47993 and CVE-2023-47994
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -72002,12 +72002,14 @@ CVE-2023-47994 (An integer overflow vulnerability in LoadPixelDataRLE4 function
[bullseye] - freeimage <postponed> (Revisit when fixed upstream)
[buster] - freeimage <postponed> (Revisit when fixed upstream)
NOTE: https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47994
+ NOTE: https://sourceforge.net/p/freeimage/bugs/359/
CVE-2023-47993 (A Buffer out-of-bound read vulnerability in Exif.cpp::ReadInt32 in Fre ...)
- freeimage <unfixed> (bug #1060691)
[bookworm] - freeimage <postponed> (Revisit when fixed upstream)
[bullseye] - freeimage <postponed> (Revisit when fixed upstream)
[buster] - freeimage <postponed> (Revisit when fixed upstream)
NOTE: https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47993
+ NOTE: https://sourceforge.net/p/freeimage/bugs/358/
CVE-2023-47992 (An integer overflow vulnerability in FreeImageIO.cpp::_MemoryReadProc ...)
- freeimage <unfixed> (bug #1060691)
[bookworm] - freeimage <postponed> (Revisit when fixed upstream)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98c0aac61fe7a8899cebe2aebbb98141dd26781d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/98c0aac61fe7a8899cebe2aebbb98141dd26781d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241001/d1464d3d/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list