Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b816c7b7 by Moritz Muehlenhoff at 2022-06-20T20:09:04+02:00
libjpeg fixed in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2721,7 +2721,7 @@ CVE-2022-32767
CVE-2022-32979
RESERVED
CVE-2022-32978 (There is an assertion failure in
SingleComponentLSScan::ParseMCU in si ...)
- - libjpeg <unfixed> (unimportant)
+ - libjpeg 0.0~git20220615.842c7ba-1 (unimportant)
NOTE: https://github.com/thorfdbg/libjpeg/issues/75
NOTE:
https://github.com/thorfdbg/libjpeg/commit/4746b577931e926a49e50de9720a4946de3069a7
NOTE: Crash in CLI tool, no security impact
@@ -4708,12 +4708,12 @@ CVE-2022-1965
CVE-2022-1964
RESERVED
CVE-2022-32202 (In libjpeg 1.63, there is a NULL pointer dereference in
LineBuffer::Fe ...)
- - libjpeg <unfixed> (unimportant)
+ - libjpeg 0.0~git20220615.842c7ba-1 (unimportant)
NOTE:
https://github.com/thorfdbg/libjpeg/commit/51c3241b6da39df30f016b63f43f31c4011222c7
NOTE: https://github.com/thorfdbg/libjpeg/issues/74
NOTE: Crash in CLI tool, no security impact
CVE-2022-32201 (In libjpeg 1.63, there is a NULL pointer dereference in
Component::Sub ...)
- - libjpeg <unfixed> (unimportant)
+ - libjpeg 0.0~git20220615.842c7ba-1 (unimportant)
NOTE:
https://github.com/thorfdbg/libjpeg/commit/ea6315164b1649ff932a396b7600eac4bffcfaba
NOTE: https://github.com/thorfdbg/libjpeg/issues/73
NOTE: Crash in CLI tool, no security impact
@@ -5652,7 +5652,7 @@ CVE-2022-1934 (Use After Free in GitHub repository
mruby/mruby prior to 3.2. ...
NOTE:
https://github.com/mruby/mruby/commit/aa7f98dedb68d735a1665d3a289036c88b0c47ce
TODO: check details
CVE-2022-31796 (libjpeg 1.63 has a heap-based buffer over-read in
HierarchicalBitmapRe ...)
- - libjpeg <unfixed> (unimportant)
+ - libjpeg 0.0~git20220615.842c7ba-1 (unimportant)
NOTE: https://github.com/thorfdbg/libjpeg/issues/71
NOTE:
https://github.com/thorfdbg/libjpeg/commit/187035b9726710b4fe11d565c7808975c930895d
NOTE: Crash in CLI tool, no security impact
@@ -6249,7 +6249,7 @@ CVE-2022-31621 (MariaDB Server before 10.7 is vulnerable
to Denial of Service. I
NOTE: https://jira.mariadb.org/browse/MDEV-26574
NOTE:
https://github.com/MariaDB/server/commit/b1351c15946349f9daa7e5297fb2ac6f3139e4a8
(mariadb-10.2.41)
CVE-2022-31620 (In libjpeg before 1.64, BitStream<false>::Get in
bitstream.hpp h ...)
- - libjpeg <unfixed> (unimportant)
+ - libjpeg 0.0~git20220615.842c7ba-1 (unimportant)
NOTE: https://github.com/thorfdbg/libjpeg/issues/70
NOTE:
https://github.com/thorfdbg/libjpeg/commit/ef4a29a62ab48b8dc235f4af52cfd6319eda9a6a
NOTE: Crash in CLI tool, no security impact
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b816c7b7a44441ebb037a9840510164ecf4cf950
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b816c7b7a44441ebb037a9840510164ecf4cf950
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
