Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
eb6dd361 by Moritz Muehlenhoff at 2020-01-03T23:24:35+01:00
fix syntax...
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -704,7 +704,7 @@ CVE-2019-20207
CVE-2019-20206
RESERVED
CVE-2019-20205 (libsixel 1.8.4 has an integer overflow in sixel_frame_resize
in frame. ...)
- - libsixel <unfixed> (low; #948103)
+ - libsixel <unfixed> (low; bug #948103)
[buster] - libsixel <no-dsa> (Minor issue)
[stretch] - libsixel <no-dsa> (Minor issue)
NOTE: https://github.com/saitoha/libsixel/issues/127
@@ -3356,7 +3356,7 @@ CVE-2019-20142
CVE-2019-20141 (An XSS issue was discovered in the Laborator Neon theme 2.0
for WordPr ...)
NOT-FOR-US: Laborator Neon theme for WordPress
CVE-2019-20140 (An issue was discovered in libsixel 1.8.4. There is a
heap-based buffe ...)
- - libsixel <unfixed> (low; #948103)
+ - libsixel <unfixed> (low; bug #948103)
[buster] - libsixel <no-dsa> (Minor issue)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <no-dsa> (Minor issue)
@@ -3458,7 +3458,7 @@ CVE-2019-20095 (mwifiex_tm_cmd in
drivers/net/wireless/marvell/mwifiex/cfg80211.
[jessie] - linux <not-affected> (Vulnerable code introduced later)
NOTE:
https://git.kernel.org/linus/003b686ace820ce2d635a83f10f2d7f9c147dabc
CVE-2019-20094 (An issue was discovered in libsixel 1.8.4. There is a
heap-based buffe ...)
- - libsixel <unfixed> (low; #948103)
+ - libsixel <unfixed> (low; bug #948103)
[buster] - libsixel <no-dsa> (Minor issue)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <no-dsa> (Minor issue)
@@ -3548,7 +3548,7 @@ CVE-2019-20058 (** DISPUTED ** Bolt 3.7.0, if Symfony Web
Profiler is used, allo
CVE-2019-20057 (com.proxyman.NSProxy.HelperTool in Privileged Helper Tool in
Proxyman ...)
NOT-FOR-US: Proxyman for macOS
CVE-2019-20056 (stb_image.h (aka the stb image loader) 2.23, as used in
libsixel and o ...)
- - libsixel <unfixed> (low; #948103)
+ - libsixel <unfixed> (low; bug #948103)
[buster] - libsixel <no-dsa> (Minor issue)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <no-dsa> (Minor issue)
@@ -3621,21 +3621,21 @@ CVE-2019-20026
CVE-2019-20025
RESERVED
CVE-2019-20024 (A heap-based buffer overflow was discovered in
image_buffer_resize in ...)
- - libsixel <unfixed> (low; #948103)
+ - libsixel <unfixed> (low; bug #948103)
[buster] - libsixel <no-dsa> (Minor issue)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <no-dsa> (Minor issue)
NOTE: https://github.com/saitoha/libsixel/issues/121
NOTE:
https://github.com/saitoha/libsixel/commit/6367d2fc8c365c5841d05697200e90c73c4b3c4b
CVE-2019-20023 (A memory leak was discovered in image_buffer_resize in
fromsixel.c in ...)
- - libsixel <unfixed> (low; #948103)
+ - libsixel <unfixed> (low; bug #948103)
[buster] - libsixel <no-dsa> (Minor issue)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <no-dsa> (Minor issue)
NOTE: https://github.com/saitoha/libsixel/issues/120
NOTE: Proposed fix:
https://github.com/saitoha/libsixel/commit/b9a4175c803b50a863b0fbd8b8b49058ca725ea6
CVE-2019-20022 (An invalid memory address dereference was discovered in
load_pnm in fr ...)
- - libsixel <unfixed> (low; #948103)
+ - libsixel <unfixed> (low; bug #948103)
[buster] - libsixel <no-dsa> (Minor issue)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <no-dsa> (Minor issue)
@@ -4955,13 +4955,13 @@ CVE-2019-19780
CVE-2019-19779
RESERVED
CVE-2019-19778 (An issue was discovered in libsixel 1.8.2. There is a
heap-based buffe ...)
- - libsixel <unfixed> (low; #948103)
+ - libsixel <unfixed> (low; bug #948103)
[buster] - libsixel <no-dsa> (Minor issue)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <no-dsa> (Minor issue)
NOTE: https://github.com/saitoha/libsixel/issues/110
CVE-2019-19777 (stb_image.h (aka the stb image loader) 2.23, as used in
libsixel and o ...)
- - libsixel <unfixed> (low; #948103)
+ - libsixel <unfixed> (low; bug #948103)
[buster] - libsixel <no-dsa> (Minor issue)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <no-dsa> (Minor issue)
@@ -7541,25 +7541,25 @@ CVE-2019-19640
CVE-2019-19639
RESERVED
CVE-2019-19638 (An issue was discovered in libsixel 1.8.2. There is a
heap-based buffe ...)
- - libsixel <unfixed> (low; #948103)
+ - libsixel <unfixed> (low; bug #948103)
[buster] - libsixel <no-dsa> (Minor issue)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <no-dsa> (Minor issue)
NOTE: https://github.com/saitoha/libsixel/issues/102
CVE-2019-19637 (An issue was discovered in libsixel 1.8.2. There is an integer
overflo ...)
- - libsixel <unfixed> (low; #948103)
+ - libsixel <unfixed> (low; bug #948103)
[buster] - libsixel <no-dsa> (Minor issue)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <no-dsa> (Minor issue)
NOTE: https://github.com/saitoha/libsixel/issues/105
CVE-2019-19636 (An issue was discovered in libsixel 1.8.2. There is an integer
overflo ...)
- - libsixel <unfixed> (low; #948103)
+ - libsixel <unfixed> (low; bug #948103)
[buster] - libsixel <no-dsa> (Minor issue)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <no-dsa> (Minor issue)
NOTE: https://github.com/saitoha/libsixel/issues/104
CVE-2019-19635 (An issue was discovered in libsixel 1.8.2. There is a
heap-based buffe ...)
- - libsixel <unfixed> (low; #948103)
+ - libsixel <unfixed> (low; bug #948103)
[buster] - libsixel <no-dsa> (Minor issue)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <no-dsa> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/eb6dd3613c631f4fb9f2c63aa505236d5511c683
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/eb6dd3613c631f4fb9f2c63aa505236d5511c683
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
