[Git][security-tracker-team/security-tracker][master] Track upstream fixes for CVE-2021-44648

Fri, 12 Aug 2022 11:59:26 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3a1fb57c by Salvatore Bonaccorso at 2022-08-12T20:58:53+02:00
Track upstream fixes for CVE-2021-44648

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -51260,6 +51260,8 @@ CVE-2021-44648 (GNOME gdk-pixbuf 2.42.6 is vulnerable 
to a heap-buffer overflow
        NOTE: 
https://sahildhar.github.io/blogpost/GdkPixbuf-Heap-Buffer-Overflow-in-lzw_decoder_new/
        NOTE: Introduced by: 
https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/b88f1ce91a610a4e491a4ad6352183791e78afac
 (2.39.2)
        NOTE: https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/merge_requests/130
+       NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/19ebba03117aefc9d0312f675f3a210ffdcc4907
 (2.42.9)
+       NOTE: Tests: 
https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/449441210921c8ed417b0c4d5edbccd2d57e23f8
 CVE-2021-44647 (Lua v5.4.3 and above are affected by SEGV by type confusion in 
funcnam ...)
        - lua5.4 5.4.4-1 (bug #1004189)
        [bullseye] - lua5.4 <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3a1fb57c33c888bb25672c0fab5e3d99fa0c8642

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3a1fb57c33c888bb25672c0fab5e3d99fa0c8642
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to