Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f906ecc9 by Salvatore Bonaccorso at 2020-05-02T15:17:50+02:00
Add Debian bug reference for openexr issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2805,52 +2805,52 @@ CVE-2020-11767 (Istio through 1.5.1 and Envoy through
1.14.1 have a data-leak is
CVE-2020-11766
RESERVED
CVE-2020-11765 (An issue was discovered in OpenEXR before 2.4.1. There is an
off-by-on ...)
- - openexr <unfixed>
+ - openexr <unfixed> (bug #959444)
[jessie] - openexr <no-dsa> (Minor issue)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/3eda5d70aba127bae9bd6bae9956fcf024b64031
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/2ae5f8376b0a6c3e2bb100042f5de79503ba837a
TODO: check correctness
CVE-2020-11764 (An issue was discovered in OpenEXR before 2.4.1. There is an
out-of-bo ...)
- - openexr <unfixed>
+ - openexr <unfixed> (bug #959444)
[jessie] - openexr <no-dsa> (Minor issue)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/e7c26f6ef5bf7ae8ea21ecf19963186cd1391720
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/a6408c90339bdf19f89476578d7f936b741be9b2
TODO: check correctness
CVE-2020-11763 (An issue was discovered in OpenEXR before 2.4.1. There is an
std::vect ...)
- - openexr <unfixed>
+ - openexr <unfixed> (bug #959444)
[jessie] - openexr <no-dsa> (Minor issue)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
TODO: check fixing commit
CVE-2020-11762 (An issue was discovered in OpenEXR before 2.4.1. There is an
out-of-bo ...)
- - openexr <unfixed>
+ - openexr <unfixed> (bug #959444)
[jessie] - openexr <no-dsa> (Minor issue)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/3eda5d70aba127bae9bd6bae9956fcf024b64031
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/2ae5f8376b0a6c3e2bb100042f5de79503ba837a
TODO: check correctness
CVE-2020-11761 (An issue was discovered in OpenEXR before 2.4.1. There is an
out-of-bo ...)
- - openexr <unfixed>
+ - openexr <unfixed> (bug #959444)
[jessie] - openexr <no-dsa> (Minor issue)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/b1c34c496b62117115b1089b18a44e0031800a09
TODO: check correctness
CVE-2020-11760 (An issue was discovered in OpenEXR before 2.4.1. There is an
out-of-bo ...)
- - openexr <unfixed>
+ - openexr <unfixed> (bug #959444)
[jessie] - openexr <no-dsa> (Minor issue)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/37750013830def57f19f3c3b7faaa9fc1dae81b3
TODO: check correctness
CVE-2020-11759 (An issue was discovered in OpenEXR before 2.4.1. Because of
integer ov ...)
- - openexr <unfixed>
+ - openexr <unfixed> (bug #959444)
[jessie] - openexr <no-dsa> (Minor issue)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/b9997d0c045fa01af3d2e46e1a74b07cc4519446
NOTE:
https://github.com/AcademySoftwareFoundation/openexr/commit/acad98d6d3e787f36012a3737c23c42c7f43a00f
TODO: check completeness for upstream commits to cover CVE-2020-11759
CVE-2020-11758 (An issue was discovered in OpenEXR before 2.4.1. There is an
out-of-bo ...)
- - openexr <unfixed>
+ - openexr <unfixed> (bug #959444)
[jessie] - openexr <no-dsa> (Minor issue)
NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1987
TODO: check isolated commit to fix issue
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f906ecc9a74c5fde0e3dc484e3d3ec6cc076cefc
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f906ecc9a74c5fde0e3dc484e3d3ec6cc076cefc
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
