commit patchinfo.16299 for openSUSE:Leap:15.2:Update

Fri, 21 May 2021 22:03:45 -0700 

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package patchinfo.16299 for 
openSUSE:Leap:15.2:Update checked in at 2021-05-22 07:03:36
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Leap:15.2:Update/patchinfo.16299 (Old)
 and      /work/SRC/openSUSE:Leap:15.2:Update/.patchinfo.16299.new.2988 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "patchinfo.16299"

Sat May 22 07:03:36 2021 rev:1 rq:894359 version:unknown

Changes:
--------
New Changes file:

NO CHANGES FILE!!!

New:
----
  _patchinfo

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ _patchinfo ++++++
<patchinfo incident="16299">
  <issue tracker="cve" id="2021-32490"/>
  <issue tracker="cve" id="2021-32492"/>
  <issue tracker="cve" id="2021-32491"/>
  <issue tracker="cve" id="2021-32493"/>
  <issue tracker="bnc" id="1185905">VUL-0: CVE-2021-32493: djvulibre: Heap 
buffer overflow in function DJVU:GBitmap:decode() via crafted djvu file</issue>
  <issue tracker="bnc" id="1185895">VUL-0: CVE-2021-32490: djvulibre: Out of 
bounds write in function DJVU:filter_bv()  via crafted djvu file</issue>
  <issue tracker="bnc" id="1185904">VUL-0: CVE-2021-32492: djvulibre: Out of 
bounds read in function DJVU:DataPool:has_data() via crafted djvu file</issue>
  <issue tracker="bnc" id="1185900">VUL-0: CVE-2021-32491: djvulibre: Integer 
overflow in function render() in tools/ddjvu via crafted djvu file</issue>
  <packager>pgajdos</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for djvulibre</summary>
  <description>This update for djvulibre fixes the following issues:

- CVE-2021-32490 [bsc#1185895]: Out of bounds write in function 
DJVU:filter_bv() via crafted djvu file
- CVE-2021-32491 [bsc#1185900]: Integer overflow in function render() in 
tools/ddjvu via crafted djvu file
- CVE-2021-32492 [bsc#1185904]: Out of bounds read in function 
DJVU:DataPool:has_data() via crafted djvu file
- CVE-2021-32493 [bsc#1185905]: Heap buffer overflow in function 
DJVU:GBitmap:decode() via crafted djvu file

This update was imported from the SUSE:SLE-15-SP2:Update update 
project.</description>
</patchinfo>

Reply via email to