[Git][security-tracker-team/security-tracker][master] Add CVE-2021-45950/libredwg

Sun, 02 Jan 2022 13:00:24 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c4443472 by Salvatore Bonaccorso at 2022-01-02T21:59:17+01:00
Add CVE-2021-45950/libredwg

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -112,7 +112,7 @@ CVE-2021-45951 (Dnsmasq 2.86 has a heap-based buffer 
overflow in check_bad_addre
        NOTE: 
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/dnsmasq/OSV-2021-924.yaml
        TODO: check, the introducing commit seems odd, and might be just 
related to when fuzzing started, and is same for other dnsmaq and oss-fuzz 
related reports.
 CVE-2021-45950 (LibreDWG 0.12.4.4313 through 0.12.4.4367 has an out-of-bounds 
write in ...)
-       TODO: check
+       - libredwg <itp> (bug #595191)
 CVE-2021-45949 (Ghostscript GhostPDL 9.50 through 9.54.0 has a heap-based 
buffer overf ...)
        - ghostscript 9.55.0~dfsg-1
        NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34675



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c4443472156aa8eb67e0a7a067810eeb247e4f79

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c4443472156aa8eb67e0a7a067810eeb247e4f79
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to