[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for openexr issues

Tue, 12 Jul 2022 22:37:06 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a2374694 by Salvatore Bonaccorso at 2022-07-13T07:36:12+02:00
Add Debian bug reference for openexr issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -39957,7 +39957,7 @@ CVE-2021-45943 (GDAL 3.3.0 through 3.4.0 has a 
heap-based buffer overflow in PCI
        NOTE: 
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/gdal/OSV-2021-1651.yaml
 CVE-2021-45942 (OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in 
Imf_3_1 ...)
        [experimental] - openexr 3.1.4-1
-       - openexr <unfixed>
+       - openexr <unfixed> (bug #1014828)
        [buster] - openexr <no-dsa> (Minor issue)
        [stretch] - openexr <no-dsa> (Minor issue)
        NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=41416
@@ -49292,7 +49292,7 @@ CVE-2021-43557 (The uri-block plugin in Apache APISIX 
before 2.10.2 uses $reques
        NOT-FOR-US: Apache Apisix
 CVE-2021-3941 (In ImfChromaticities.cpp routine RGBtoXYZ(), there are some 
division o ...)
        [experimental] - openexr 3.1.3-1
-       - openexr <unfixed>
+       - openexr <unfixed> (bug #1014828)
        [stretch] - openexr <no-dsa> (Minor issue)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2019789
        NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39084
@@ -49479,7 +49479,7 @@ CVE-2021-3934 (ohmyzsh is vulnerable to Improper 
Neutralization of Special Eleme
        NOT-FOR-US: ohmyzsh
 CVE-2021-3933 (An integer overflow could occur when OpenEXR processes a 
crafted file  ...)
        [experimental] - openexr 3.1.3-1
-       - openexr <unfixed>
+       - openexr <unfixed> (bug #1014828)
        [stretch] - openexr <not-affected> (Vulnerable code not present)
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2019783
        NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=38912



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a2374694b523c8b079ce31c2f14185403d085255

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a2374694b523c8b079ce31c2f14185403d085255
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to