[Git][security-tracker-team/security-tracker][master] Expand commit id references for CVE-2025-4396{6,7}

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon May 26 19:35:55 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f41ab39c by Salvatore Bonaccorso at 2025-05-26T20:35:13+02:00
Expand commit id references for CVE-2025-4396{6,7}

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11009,13 +11009,13 @@ CVE-2025-43967 (libheif before 1.19.6 has a NULL pointer dereference in ImageIte
 	[bookworm] - libheif <not-affected> (Vulnerable code introduced later)
 	[bullseye] - libheif <not-affected> (Vulnerable code introduced later)
 	NOTE: https://github.com/strukturag/libheif/issues/1455
-	NOTE: Introduced by: https://github.com/strukturag/libheif/commit/e18ac586c (v1.19.0)
+	NOTE: Introduced by: https://github.com/strukturag/libheif/commit/e18ac586ca9e16429b0db1814e433d032a655b6e (v1.19.0)
 	NOTE: Fixed by: https://github.com/strukturag/libheif/commit/6e35af7b0ff9fb6cc952a1539590d160db32f671 (v1.19.6)
 CVE-2025-43966 (libheif before 1.19.6 has a NULL pointer dereference in ImageItem_iden ...)
 	- libheif 1.19.7-1
 	[bookworm] - libheif <not-affected> (Vulnerable code introduced later)
 	[bullseye] - libheif <not-affected> (Vulnerable code introduced later)
-	NOTE: Introduced by: https://github.com/strukturag/libheif/commit/d692fc514 (v1.19.0)
+	NOTE: Introduced by: https://github.com/strukturag/libheif/commit/d692fc51418f2b9b6df972b143095dfcd9f5e4d8 (v1.19.0)
 	NOTE: Fixed by: https://github.com/strukturag/libheif/commit/b38555387e4b5dcf036fe45b0c440aca19b7b69c (v1.19.6)
 CVE-2025-43964 (In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in  ...)
 	{DLA-4142-1}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f41ab39cd44b0e7676c822d373325684b5c66c26

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f41ab39cd44b0e7676c822d373325684b5c66c26
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250526/4ee5a93e/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list