[Git][security-tracker-team/security-tracker][master] three unimportant openjpeg2 issues fixed in 2.3.1

Moritz Muehlenhoff Tue, 08 Oct 2019 09:04:46 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
acbdc0c0 by Moritz Muehlenhoff at 2019-10-08T16:02:14Z
three unimportant openjpeg2 issues fixed in 2.3.1

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13460,7 +13460,7 @@ CVE-2018-20846 (Out-of-bounds accesses in the functions 
pi_next_lrcp, pi_next_rl
        NOTE: 
https://github.com/uclouvain/openjpeg/commit/c277159986c80142180fbe5efb256bbf3bdf3edc
        NOTE: Debian binary packages built with BUILD_MJ2:BOOL=OFF
 CVE-2018-20845 (Division-by-zero vulnerabilities in the functions 
pi_next_pcrl, pi_nex ...)
-       - openjpeg2 <unfixed> (unimportant)
+       - openjpeg2 2.3.1-1 (unimportant)
        NOTE: 
https://github.com/uclouvain/openjpeg/commit/c5bd64ea146162967c29bd2af0cbb845ba3eaaaf
 (2.3.1)
        NOTE: Debian binary packages built with BUILD_MJ2:BOOL=OFF
 CVE-2018-20844
@@ -80848,7 +80848,7 @@ CVE-2018-7650 (PHP Scripts Mall Hot Scripts 
Clone:Script Classified Version 3.1
 CVE-2018-7649 (Monitorix before 3.10.1 allows XSS via CGI variables. ...)
        NOT-FOR-US: Monitorix
 CVE-2018-7648 (An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 
2.3.0. Th ...)
-       - openjpeg2 <unfixed> (unimportant)
+       - openjpeg2 2.3.1-1 (unimportant)
        NOTE: 
https://github.com/kbabioch/openjpeg/commit/6d8c0c06ee32dc03ba80acd48334e98728e56cf5
        NOTE: https://github.com/uclouvain/openjpeg/issues/1088
        NOTE: The Debian package is built with -DBUILD_MJ2:BOOL=OFF
@@ -116079,7 +116079,7 @@ CVE-2017-1000124
 CVE-2017-1000123
        REJECTED
 CVE-2017-12982 (The bmp_read_info_header function in bin/jp2/convertbmp.c in 
OpenJPEG  ...)
-       - openjpeg2 <unfixed> (unimportant)
+       - openjpeg2 2.3.1-1 (unimportant)
        NOTE: https://github.com/uclouvain/openjpeg/issues/983
        NOTE: 
https://github.com/uclouvain/openjpeg/commit/baf0c1ad4572daa89caa3b12985bdd93530f0dd7
 CVE-2017-12975



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/acbdc0c041cb6d3911c11b0f1592ac6c403aeaaf

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/acbdc0c041cb6d3911c11b0f1592ac6c403aeaaf
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] three unimportant openjpeg2 issues fixed in 2.3.1

Reply via email to