Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2ee8df1d by security tracker role at 2021-08-14T20:10:19+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1357,6 +1357,7 @@ CVE-2021-38115 (read_header_tga in gd_tga.c in the GD
Graphics Library (aka LibG
NOTE: https://github.com/libgd/libgd/issues/697
NOTE:
https://github.com/libgd/libgd/commit/8b111b2b4a4842179be66db68d84dda91a246032
CVE-2021-38114 (libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return
value of ...)
+ {DLA-2742-1}
- ffmpeg <unfixed>
[bullseye] - ffmpeg <postponed> (Wait for 4.3.3)
[buster] - ffmpeg <postponed> (Wait for 4.1.7)
@@ -11637,6 +11638,7 @@ CVE-2021-33586 (InspIRCd 3.8.0 through 3.9.x before
3.10.0 allows any user (able
NOTE: https://docs.inspircd.org/security/2021-01/
NOTE:
https://github.com/inspircd/inspircd/commit/4350a11c663b0d75f8119743bffb7736d87abd4d
CVE-2021-3566 (Prior to ffmpeg version 4.3, the tty demuxer did not have a
'read_prob ...)
+ {DLA-2742-1}
- ffmpeg 7:4.3-2
[buster] - ffmpeg <postponed> (Wait for 4.1.7)
NOTE:
https://github.com/FFmpeg/FFmpeg/commit/3bce9e9b3ea35c54bacccc793d7da99ea5157532
@@ -70315,6 +70317,7 @@ CVE-2020-22037 (A Denial of Service vulnerability
exists in FFmpeg 4.2 due to a
- ffmpeg <unfixed> (unimportant)
NOTE: https://trac.ffmpeg.org/ticket/8281
CVE-2020-22036 (A heap-based Buffer Overflow vulnerability exists in FFmpeg
4.2 in fil ...)
+ {DLA-2742-1}
- ffmpeg 7:4.3-2
[buster] - ffmpeg <postponed> (Wait for 4.1.7)
NOTE: https://trac.ffmpeg.org/ticket/8261
@@ -70339,11 +70342,13 @@ CVE-2020-22033 (A heap-based Buffer Overflow
Vulnerability exists FFmpeg 4.2 at
NOTE: https://trac.ffmpeg.org/ticket/8241
NOTE:
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=82ad1b76751bcfad5005440db48c46a4de5d6f02
CVE-2020-22032 (A heap-based Buffer Overflow vulnerability exists FFmpeg 4.2
at libavf ...)
+ {DLA-2742-1}
- ffmpeg 7:4.3-2
[buster] - ffmpeg <postponed> (Wait for 4.1.7)
NOTE: https://trac.ffmpeg.org/ticket/8275
NOTE:
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=de598f82f8c3f8000e1948548e8088148e2b1f44
CVE-2020-22031 (A Heap-based Buffer Overflow vulnerability exists in FFmpeg
4.2 at lib ...)
+ {DLA-2742-1}
- ffmpeg 7:4.3-2
[buster] - ffmpeg <postponed> (Wait for 4.1.7)
NOTE: https://trac.ffmpeg.org/ticket/8243
@@ -70361,6 +70366,7 @@ CVE-2020-22029 (A heap-based Buffer Overflow
vulnerability exists in FFmpeg 4.2
NOTE:
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=a7fd1279703683ebb548ef7baa2f1519994496ae
NOTE: https://trac.ffmpeg.org/ticket/8250
CVE-2020-22028 (Buffer Overflow vulnerability exists in FFmpeg 4.2 in
filter_verticall ...)
+ {DLA-2742-1}
- ffmpeg 7:4.3-2
[buster] - ffmpeg <postponed> (Wait for 4.1.7)
NOTE:
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=f069a9c2a65bc20c3462127623127df6dfd06c5b
@@ -70372,11 +70378,13 @@ CVE-2020-22027 (A heap-based Buffer Overflow
vulnerability exits in FFmpeg 4.2 i
NOTE:
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=e787f8fd7ee99ba0c3e0f086ce2ce59eea7ed86c
NOTE: https://trac.ffmpeg.org/ticket/8242
CVE-2020-22026 (Buffer Overflow vulnerability exists in FFmpeg 4.2 in the
config_input ...)
+ {DLA-2742-1}
- ffmpeg 7:4.3-2
[buster] - ffmpeg <postponed> (Wait for 4.1.7)
NOTE:
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=58bb9d3a3a6ede1c6cfb82bf671a5f138e6b2144
NOTE: https://trac.ffmpeg.org/ticket/8317
CVE-2020-22025 (A heap-based Buffer Overflow vulnerability exists in
gaussian_blur at ...)
+ {DLA-2742-1}
- ffmpeg 7:4.3-2
[buster] - ffmpeg <postponed> (Wait for 4.1.7)
NOTE:
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=ccf4ab8c9aca0aee66bcc2914031a9c97ac0eeb8
@@ -70388,21 +70396,25 @@ CVE-2020-22024 (Buffer Overflow vulnerability in
FFmpeg 4.2 at the lagfun_frame1
NOTE:
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=723d69f99cd26db9687ed2d24d06afaff624daf3
NOTE: https://trac.ffmpeg.org/ticket/8310
CVE-2020-22023 (A heap-based Buffer Overflow vulnerabililty exists in FFmpeg
4.2 in fi ...)
+ {DLA-2742-1}
- ffmpeg 7:4.3-2
[buster] - ffmpeg <postponed> (Wait for 4.1.7)
NOTE:
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=0b567238741854b41f84f7457686b044eadfe29c
NOTE: https://trac.ffmpeg.org/ticket/8244
CVE-2020-22022 (A heap-based Buffer Overflow vulnerability exists in FFmpeg
4.2 in fil ...)
+ {DLA-2742-1}
- ffmpeg 7:4.3-2
[buster] - ffmpeg <postponed> (Wait for 4.1.7)
NOTE:
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=07050d7bdc32d82e53ee5bb727f5882323d00dba
NOTE: https://trac.ffmpeg.org/ticket/8264
CVE-2020-22021 (Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges
function i ...)
+ {DLA-2742-1}
- ffmpeg 7:4.3.2-0+deb11u2 (bug #989439)
[buster] - ffmpeg <postponed> (Wait for 4.1.7)
NOTE:
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=7971f62120a55c141ec437aa3f0bacc1c1a3526b
NOTE: https://trac.ffmpeg.org/ticket/8240
CVE-2020-22020 (Buffer Overflow vulnerability in FFmpeg 4.2 in the
build_diff_map func ...)
+ {DLA-2742-1}
- ffmpeg 7:4.3-2
[buster] - ffmpeg <postponed> (Wait for 4.1.7)
NOTE: https://trac.ffmpeg.org/ticket/8239
@@ -70423,11 +70435,13 @@ CVE-2020-22017 (A heap-based Buffer Overflow
vulnerability exists in FFmpeg 4.2
NOTE: https://trac.ffmpeg.org/ticket/8309
NOTE:
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=d4d6b7b0355f3597cad3b8d12911790c73b5f96d
CVE-2020-22016 (A heap-based Buffer Overflow vulnerability in FFmpeg 4.2 at
libavcodec ...)
+ {DLA-2742-1}
- ffmpeg 7:4.2.2-1
[buster] - ffmpeg <postponed> (Wait for 4.1.7)
NOTE: https://trac.ffmpeg.org/ticket/8183
NOTE:
https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=58aa0ed8f10753ee90f4a4a1f4f3da803cf7c145
CVE-2020-22015 (Buffer Overflow vulnerability in FFmpeg 4.2 in
mov_write_video_tag due ...)
+ {DLA-2742-1}
- ffmpeg 7:4.3.2-0+deb11u2 (bug #989439)
[buster] - ffmpeg <ignored> (Minor issue)
NOTE: https://trac.ffmpeg.org/ticket/8190
@@ -72419,6 +72433,7 @@ CVE-2020-21043
CVE-2020-21042
RESERVED
CVE-2020-21041 (Buffer Overflow vulnerability exists in FFmpeg 4.1 via
apng_do_inverse ...)
+ {DLA-2742-1}
[experimental] - ffmpeg 7:4.4-1
- ffmpeg 7:4.3.2-0+deb11u2 (bug #989439)
[buster] - ffmpeg <postponed> (Wait for 4.1.7)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ee8df1d22780be0c9862fba845d2dfc8bc58258
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2ee8df1d22780be0c9862fba845d2dfc8bc58258
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
