[Git][security-tracker-team/security-tracker][master] libsixel fixed in sid

Moritz Muehlenhoff (@jmm) Wed, 12 Jan 2022 03:40:02 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
4824eb81 by Moritz Muehlenhoff at 2022-01-12T12:39:24+01:00
libsixel fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -102736,11 +102736,13 @@ CVE-2020-19670 (In Niushop B2B2C Multi-Business 
Basic Edition V1.11, authenticat
 CVE-2020-19669 (Cross Site Request Forgery (CSRF) vulnerability exists in 
Eyoucms 1.3. ...)
        NOT-FOR-US: Eyoucms
 CVE-2020-19668 (Unverified indexs into the array lead to out of bound access 
in the gi ...)
-       - libsixel <unfixed> (bug #990799)
+       - libsixel 1.10.3-1 (bug #990799)
        [bullseye] - libsixel <no-dsa> (Minor issue)
        [buster] - libsixel <no-dsa> (Minor issue)
        [stretch] - libsixel <no-dsa> (Minor issue)
        NOTE: https://github.com/saitoha/libsixel/issues/136
+       NOTE: 
https://github.com/libsixel/libsixel/commit/05e5d21d065c663ec7a83d185974f4c252314968
+       NOTE: Since 1.10.3-1 the Debian package moved from 
https://github.com/saitoha/libsixel to https://github.com/libsixel/libsixel fork
 CVE-2020-19667 (Stack-based buffer overflow and unconditional jump in 
ReadXPMImage in  ...)
        {DLA-2523-1}
        - imagemagick 8:6.9.11.24+dfsg-1
@@ -123319,12 +123321,14 @@ CVE-2020-11722 (Dungeon Crawl Stone Soup (aka DCSS 
or crawl) before 0.25 allows
        NOTE: 
https://github.com/crawl/crawl/commit/768f60da87a3fa0b5561da5ade9309577c176d04
        NOTE: 
https://github.com/crawl/crawl/commit/fc522ff6eb1bbb85e3de60c60a45762571e48c28
 CVE-2020-11721 (load_png in loader.c in libsixel.a in libsixel 1.8.6 has an 
uninitiali ...)
-       - libsixel <unfixed> (low; bug #972641)
+       - libsixel 1.10.3-1 (low; bug #972641)
        [bullseye] - libsixel <no-dsa> (Minor issue)
        [buster] - libsixel <no-dsa> (Minor issue)
        [stretch] - libsixel <no-dsa> (Minor issue)
        [jessie] - libsixel <no-dsa> (Minor issue)
        NOTE: https://github.com/saitoha/libsixel/issues/134
+       NOTE: 
https://github.com/libsixel/libsixel/commit/032fffba9a6b658acbdeaa1f31abc97530e802e4
+       NOTE: Since 1.10.3-1 the Debian package moved from 
https://github.com/saitoha/libsixel to https://github.com/libsixel/libsixel fork
 CVE-2020-11720 (An issue was discovered in Programi Bilanc build 007 release 
014 31.01 ...)
        NOT-FOR-US: Programi Bilanc
 CVE-2020-11719 (An issue was discovered in Programi Bilanc build 007 release 
014 31.01 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4824eb81b1703fceba0c43edcb553a5be93cf623

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4824eb81b1703fceba0c43edcb553a5be93cf623
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] libsixel fixed in sid

Reply via email to