[Git][security-tracker-team/security-tracker][master] Reserve DLA-4493-1 for libstb

Thu Feb 26 06:13:30 GMT 2026


Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f6c87e78 by Abhijith PA at 2026-02-26T11:42:40+05:30
Reserve DLA-4493-1 for libstb

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -374699,7 +374699,6 @@ CVE-2022-28042 (stb_image.h v2.27 was discovered to contain an heap-based use-af
 	{DLA-3305-1}
 	- libstb 0.0~git20230129.5736b15+ds-1 (bug #1014531)
 	[bookworm] - libstb <no-dsa> (Minor issue)
-	[bullseye] - libstb <no-dsa> (Minor issue)
 	NOTE: https://github.com/nothings/stb/issues/1289
 	NOTE: https://github.com/nothings/stb/pull/1297
 	NOTE: https://github.com/nothings/stb/commit/84b94010a7b08003cc3fb93635582849398e7ae2
@@ -374710,7 +374709,6 @@ CVE-2022-28041 (stb_image.h v2.27 was discovered to contain an integer overflow
 	{DLA-3305-1}
 	- libstb 0.0~git20230129.5736b15+ds-1 (bug #1014531)
 	[bookworm] - libstb <no-dsa> (Minor issue)
-	[bullseye] - libstb <no-dsa> (Minor issue)
 	NOTE: https://github.com/nothings/stb/issues/1292
 	NOTE: https://github.com/nothings/stb/pull/1297
 	NOTE: https://github.com/nothings/stb/commit/84b94010a7b08003cc3fb93635582849398e7ae2
@@ -406784,7 +406782,6 @@ CVE-2021-42715 (An issue was discovered in stb stb_image.h 1.33 through 2.27. Th
 	{DLA-3305-1}
 	- libstb 0.0~git20230129.5736b15+ds-1 (bug #1014532)
 	[bookworm] - libstb <no-dsa> (Minor issue)
-	[bullseye] - libstb <no-dsa> (Minor issue)
 	NOTE: https://github.com/nothings/stb/issues/1224
 	NOTE: https://github.com/nothings/stb/pull/1223
 CVE-2021-42714 (Splashtop Remote Client (Business Edition) through 3.4.8.3 creates a T ...)
@@ -420832,7 +420829,6 @@ CVE-2021-37790
 CVE-2021-37789 (stb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, lead ...)
 	{DLA-3305-1}
 	- libstb 0.0~git20210910.af1a5bc+ds-1 (bug #1023693)
-	[bullseye] - libstb <no-dsa> (Minor issue)
 	NOTE: https://github.com/nothings/stb/issues/1178
 	NOTE: https://github.com/nothings/stb/commit/5ba0baaa269b3fd681828e0e3b3ac0f1472eaf40
 CVE-2021-37788 (A vulnerability in the web UI of Gurock TestRail v5.3.0.3603 could all ...)
@@ -446033,7 +446029,6 @@ CVE-2021-28022 (Blind SQL injection in the login form in ServiceTonic Helpdesk s
 CVE-2021-28021 (Buffer overflow vulnerability in function stbi__extend_receive in stb_ ...)
 	{DLA-3305-1}
 	- libstb 0.0~git20220908.8b5f1f3+ds-1 (bug #1014530)
-	[bullseye] - libstb <no-dsa> (Minor issue)
 	NOTE: https://github.com/nothings/stb/issues/1108
 	NOTE: https://github.com/nothings/stb/commit/86b7570cfba845e8209c6aec2d15e487bb1d8bb4
 CVE-2021-28020


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[26 Feb 2026] DLA-4493-1 libstb - security update
+	{CVE-2021-28021 CVE-2021-37789 CVE-2021-42715 CVE-2022-28041 CVE-2022-28042}
+	[bullseye] - libstb 0.0~git20200713.b42009b+ds-1+deb11u1
 [25 Feb 2026] DLA-4492-1 gnutls28 - security update
 	{CVE-2025-9820 CVE-2025-14831}
 	[bullseye] - gnutls28 3.7.1-5+deb11u9



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f6c87e78a28e4bbb09d86be2af0860beeb3850f1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f6c87e78a28e4bbb09d86be2af0860beeb3850f1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260226/d9c44138/attachment-0001.htm>
