[Git][security-tracker-team/security-tracker][master] Remove information of CVE-2023-39327 beeing fixed with DSA-5851-1

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Feb 21 10:04:35 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3053008c by Salvatore Bonaccorso at 2025-02-21T10:54:04+01:00
Remove information of CVE-2023-39327 beeing fixed with DSA-5851-1

The applied commit only mitigates the issues in some cases. Upstream
and other distributions are inline with the issue not yet beeing fixed
(unless the case of absence of EPH).

Try to bring the CVE entry in a consistent state.

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -61677,7 +61677,6 @@ CVE-2023-39328 (A vulnerability was found in OpenJPEG similar to CVE-2019-6988.
 	NOTE: https://github.com/uclouvain/openjpeg/issues/1471
 	NOTE: https://github.com/uclouvain/openjpeg/pull/1470
 CVE-2023-39327 (A flaw was found in OpenJPEG. Maliciously constructed pictures can cau ...)
-	{DSA-5851-1}
 	- openjpeg2 <unfixed> (bug #1081908)
 	[bullseye] - openjpeg2 <no-dsa> (Minor issue)
 	NOTE: https://github.com/uclouvain/openjpeg/issues/1472


=====================================
data/DSA/list
=====================================
@@ -53,7 +53,7 @@
 	{CVE-2024-25590}
 	[bookworm] - pdns-recursor 4.8.8-1+deb12u1
 [27 Jan 2025] DSA-5851-1 openjpeg2 - security update
-	{CVE-2021-3575 CVE-2023-39327 CVE-2024-56826 CVE-2024-56827}
+	{CVE-2021-3575 CVE-2024-56826 CVE-2024-56827}
 	[bookworm] - openjpeg2 2.5.0-2+deb12u1
 [26 Jan 2025] DSA-5850-1 git - security update
 	{CVE-2024-50349 CVE-2024-52006}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3053008c10706ede63ed99e1dd2b212a0242d358

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3053008c10706ede63ed99e1dd2b212a0242d358
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250221/c2fced3b/attachment.htm>

More information about the debian-security-tracker-commits mailing list