[Git][security-tracker-team/security-tracker][master] sane-backends: stretch already mitigated

Wed, 12 Aug 2020 08:26:42 -0700 


Sylvain Beucler pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c2ad44bf by Sylvain Beucler at 2020-08-12T17:24:40+02:00
sane-backends: stretch already mitigated
CVE-2020-12861,CVE-2020-12864,CVE-2020-12866

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10880,6 +10880,7 @@ CVE-2020-12866 (A NULL pointer dereference in SANE 
Backends before 1.0.30 allows
        [experimental] - sane-backends 1.0.30-1~experimental1
        - sane-backends <unfixed> (bug #961302)
        [buster] - sane-backends <no-dsa> (Minor issue)
+       [stretch] - sane-backends <ignored> (already mitigated, auto-discovery 
for unsupported network access added in 1.0.27)
        [jessie] - sane-backends <not-affected> (epsonds backend was added in 
1.0.25)
        NOTE: https://gitlab.com/sane-project/backends/-/issues/279
        NOTE: 
https://gitlab.com/sane-project/backends/-/issues/279#issue-2-ghsl-2020-079-null-pointer-dereference-in-epsonds_net_read
@@ -10899,6 +10900,7 @@ CVE-2020-12864 (An out-of-bounds read in SANE Backends 
before 1.0.30 may allow a
        [experimental] - sane-backends 1.0.30-1~experimental1
        - sane-backends <unfixed> (bug #961302)
        [buster] - sane-backends <no-dsa> (Minor issue)
+       [stretch] - sane-backends <ignored> (already mitigated, auto-discovery 
for unsupported network access added in 1.0.27)
        [jessie] - sane-backends <not-affected> (epsonds backend was added in 
1.0.25)
        NOTE: https://gitlab.com/sane-project/backends/-/issues/279
        NOTE: 
https://gitlab.com/sane-project/backends/-/issues/279#issue-4-ghsl-2020-081-reading-uninitialized-data-in-epsonds_net_read
@@ -10927,6 +10929,7 @@ CVE-2020-12861 (A heap buffer overflow in SANE Backends 
before 1.0.30 allows a m
        [experimental] - sane-backends 1.0.30-1~experimental1
        - sane-backends <unfixed> (bug #961302)
        [buster] - sane-backends <no-dsa> (Minor issue)
+       [stretch] - sane-backends <ignored> (already mitigated, auto-discovery 
for unsupported network access added in 1.0.27)
        [jessie] - sane-backends <not-affected> (epsonds backend was added in 
1.0.25)
        NOTE: https://gitlab.com/sane-project/backends/-/issues/279
        NOTE: 
https://gitlab.com/sane-project/backends/-/issues/279#issue-3-ghsl-2020-080-heap-buffer-overflow-in-epsonds_net_read



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c2ad44bf7c81a5877acd8df508d65f4e6295b67a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c2ad44bf7c81a5877acd8df508d65f4e6295b67a
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to