Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fb2a4a47 by Moritz Mühlenhoff at 2021-08-12T09:34:03+02:00
buster triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -70767,48 +70767,53 @@ CVE-2020-21686
CVE-2020-21685
RESERVED
CVE-2020-21684 (A global buffer overflow in the put_font in genpict2e.c of
fig2dev 3.2 ...)
- - fig2dev 1:3.2.8-1
+ - fig2dev 1:3.2.8-1 (unimportant)
- transfig <removed>
NOTE: https://sourceforge.net/p/mcj/tickets/75/
NOTE:
https://sourceforge.net/p/mcj/fig2dev/ci/d70e4ba6308046f71cb51f67db8412155af52411/
(3.2.8)
+ NOTE: Crash in CLI tool, no security impact
CVE-2020-21683 (A global buffer overflow in the
shade_or_tint_name_after_declare_color ...)
- - fig2dev 1:3.2.8-1
+ - fig2dev 1:3.2.8-1 (unimportant)
- transfig <removed>
NOTE: https://sourceforge.net/p/mcj/tickets/77/
NOTE:
https://sourceforge.net/p/mcj/fig2dev/ci/639c36010a120e97a6e82e7cd57cbf9dbf4b64f1/
(3.2.8)
- TODO: check
+ NOTE: Crash in CLI tool, no security impact
CVE-2020-21682 (A global buffer overflow in the set_fill component in genge.c
of fig2d ...)
- - fig2dev 1:3.2.8-1
+ - fig2dev 1:3.2.8-1 (unimportant)
- transfig <removed>
NOTE: https://sourceforge.net/p/mcj/tickets/72/
NOTE:
https://sourceforge.net/p/mcj/fig2dev/ci/4d4e1fdac467c386cba8706aa0067d5ab8da02d7/
(3.2.8)
+ NOTE: Crash in CLI tool, no security impact
CVE-2020-21681 (A global buffer overflow in the set_color component in genge.c
of fig2 ...)
- - fig2dev 1:3.2.8-1
+ - fig2dev 1:3.2.8-1 (unimportant)
- transfig <removed>
NOTE: https://sourceforge.net/p/mcj/tickets/73/
NOTE:
https://sourceforge.net/p/mcj/fig2dev/ci/d70e4ba6308046f71cb51f67db8412155af52411/
(3.2.8)
NOTE:
https://sourceforge.net/p/mcj/fig2dev/ci/4d4e1fdac467c386cba8706aa0067d5ab8da02d7/
(3.2.8)
+ NOTE: Crash in CLI tool, no security impact
CVE-2020-21680 (A stack-based buffer overflow in the put_arrow() component in
genpict2 ...)
- - fig2dev 1:3.2.8-1
+ - fig2dev 1:3.2.8-1 (unimportant)
- transfig <removed>
NOTE: https://sourceforge.net/p/mcj/tickets/74/
NOTE:
https://sourceforge.net/p/mcj/fig2dev/ci/3165d86c31c6323913239fdc6460be6ababd3826/
(3.2.8)
NOTE:
https://sourceforge.net/p/mcj/fig2dev/ci/100e2789f8106f9cc0f7e4319c4ee7bda076c3ac/
(3.2.8)
- TODO: check
+ NOTE: Crash in CLI tool, no security impact
CVE-2020-21679
RESERVED
CVE-2020-21678 (A global buffer overflow in the genmp_writefontmacro_latex
component i ...)
- - fig2dev 1:3.2.8-1
+ - fig2dev 1:3.2.8-1 (unimportant)
- transfig <removed>
NOTE: https://sourceforge.net/p/mcj/tickets/71/
NOTE:
https://sourceforge.net/p/mcj/fig2dev/ci/d70e4ba6308046f71cb51f67db8412155af52411/
(3.2.8)
- TODO: check
+ NOTE: Crash in CLI tool, no security impact
CVE-2020-21677 (A heap-based buffer overflow in the
sixel_encoder_output_without_macro ...)
- libsixel 1.8.6-1
+ [buster] - libsixel <no-dsa> (Minor issue)
NOTE: https://github.com/saitoha/libsixel/issues/123
NOTE:
https://github.com/saitoha/libsixel/commit/0b1e0b3f7b44233f84e5c9f512f8c90d6bbbe33d
CVE-2020-21676 (A stack-based buffer overflow in the genpstrx_text() component
in genp ...)
- fig2dev 1:3.2.8-1
+ [buster] - fig2dev <no-dsa> (Minor issue)
- transfig <removed>
NOTE: https://sourceforge.net/p/mcj/tickets/76/
NOTE:
https://sourceforge.net/p/mcj/fig2dev/ci/acccc89c20206a5db1f463438ba444e35bcb400e/
(3.2.8)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb2a4a474deb719d2997e94436409dacd3c15d85
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb2a4a474deb719d2997e94436409dacd3c15d85
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
