[Git][security-tracker-team/security-tracker][master] Track two more html issues as fixed in buster

Wed, 09 Jun 2021 21:08:45 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8250236d by Salvatore Bonaccorso at 2021-06-10T06:06:59+02:00
Track two more html issues as fixed in buster

Choosed to use the buster-pu version as we are short before the 10.10
point release and they were accepted in proposed-updates already.
Thechnically this version though until now never hit the archive for
stable, so we might bump the version to the one in the DSA.

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -34537,6 +34537,7 @@ CVE-2021-20309 (A flaw was found in ImageMagick in 
versions before 7.0.11 and be
        NOTE: ImageMagick6: 
https://github.com/ImageMagick/ImageMagick6/commit/f1e68d22d1b35459421710587a0dcbab6900b51f
 CVE-2021-20308 (Integer overflow in the htmldoc 1.9.11 and before may allow 
attackers  ...)
        - htmldoc 1.9.11-3 (unimportant; bug #984765)
+       [buster] - htmldoc 1.9.3-1+deb10u1
        NOTE: https://github.com/michaelrsweet/htmldoc/issues/423
        NOTE: Crash in CLI tool, no security impact
 CVE-2021-20307 (Format string vulnerability in panoFileOutputNamesCreate() in 
libpano1 ...)
@@ -109397,6 +109398,7 @@ CVE-2019-19631 (An issue was discovered in Big Switch 
Big Monitoring Fabric 6.2
 CVE-2019-19630 (HTMLDOC 1.9.7 allows a stack-based buffer overflow in the 
hd_strlcpy() ...)
        {DLA-2026-1}
        - htmldoc 1.9.7-1 (unimportant; bug #988289)
+       [buster] - htmldoc 1.9.3-1+deb10u1
        NOTE: https://github.com/michaelrsweet/htmldoc/issues/370
        NOTE: 
https://github.com/michaelrsweet/htmldoc/commit/8a129c520e90fc967351f3e165f967128a88f09c
        NOTE: Crash in CLI tool, no security impact


=====================================
data/next-point-update.txt
=====================================
@@ -134,10 +134,6 @@ CVE-2021-20231
        [buster] - gnutls28 3.6.7-4+deb10u7
 CVE-2021-20232
        [buster] - gnutls28 3.6.7-4+deb10u7
-CVE-2019-19630
-       [buster] - htmldoc 1.9.3-1+deb10u1
-CVE-2021-20308
-       [buster] - htmldoc 1.9.3-1+deb10u1
 CVE-2019-0222
        [buster] - mqtt-client 1.14-1+deb10u1
 CVE-2021-33477



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8250236d8727874c3810811a81585dede9466935

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8250236d8727874c3810811a81585dede9466935
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to