[Git][security-tracker-team/security-tracker][master] 2 commits: openexr no-dsa

Sat, 03 Apr 2021 14:40:06 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ad8405a5 by Moritz Muehlenhoff at 2021-04-03T23:37:18+02:00
openexr no-dsa

- - - - -
3c8ca454 by Moritz Muehlenhoff at 2021-04-03T23:39:30+02:00
bsdiff fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1042,14 +1042,16 @@ CVE-2021-3479 (There's a flaw in OpenEXR's Scanline API 
functionality in version
        NOTE: https://github.com/AcademySoftwareFoundation/openexr/pull/830
 CVE-2021-3478 (There's a flaw in OpenEXR's scanline input file functionality 
in versi ...)
        - openexr <unfixed>
+       [buster] - openexr <no-dsa> (Minor issue)
        NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27409
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1939160
-       TODO: check
+       NOTE: 
https://github.com/AcademySoftwareFoundation/openexr/commit/bc88cdb6c97fbf5bc5d11ad8ca55306da931283a
 CVE-2021-3477 (There's a flaw in OpenEXR's deep tile sample size calculations 
in vers ...)
        - openexr <unfixed>
+       [buster] - openexr <no-dsa> (Minor issue)
        NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26956
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1939159
-       TODO: check
+       NOTE: 
https://github.com/AcademySoftwareFoundation/openexr/commit/467be80b75642efbbe6bdace558079f68c16acb1
 CVE-2021-29645
        RESERVED
 CVE-2021-29644
@@ -65245,7 +65247,7 @@ CVE-2020-14317
 CVE-2020-14316 (A flaw was found in kubevirt 0.29 and earlier. Virtual Machine 
Instanc ...)
        NOT-FOR-US: KubeVirt
 CVE-2020-14315 (A memory corruption vulnerability is present in bspatch as 
shipped in  ...)
-       - bsdiff <unfixed> (bug #964796)
+       - bsdiff 4.3-22 (bug #964796)
        [buster] - bsdiff <no-dsa> (Minor issue)
        [stretch] - bsdiff <no-dsa> (Minor issue)
        NOTE: https://www.openwall.com/lists/oss-security/2020/07/09/2



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/272cecec1b084fb4087c77496c794d6f6315cbf5...3c8ca4545eba46449b9710840d363e6399412af7

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/272cecec1b084fb4087c77496c794d6f6315cbf5...3c8ca4545eba46449b9710840d363e6399412af7
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to