Helmut Grohne pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
acfccc61 by Helmut Grohne at 2022-09-16T12:29:24+02:00
libraw buster DLA-3113-1 issued
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -126025,30 +126025,38 @@ CVE-2020-35536 (In gcc, an internal compiler error
in match_reload function at l
TODO: check
CVE-2020-35535 (In LibRaw, there is an out-of-bounds read vulnerability within
the "Li ...)
- libraw 0.20.0-4
+ [buster] - libraw <not-affected> (sonySR2 decoder added later)
+ [stretch] - libraw <not-affected> (sonySR2 decoder added later)
NOTE: https://github.com/LibRaw/LibRaw/issues/283
NOTE:
https://github.com/LibRaw/LibRaw/commit/c243f4539233053466c1309bde606815351bee81
(0.20-RC2)
CVE-2020-35534 (In LibRaw, there is a memory corruption vulnerability within
the "crxF ...)
- libraw 0.20.0-4
+ [buster] - libraw <not-affected> (Canon CR3 decoder added later)
+ [stretch] - libraw <not-affected> (Canon CR3 decoder added later)
NOTE:
https://github.com/LibRaw/LibRaw/commit/e41f331e90b383e3208cefb74e006df44bf3a4b8
(0.20-RC2)
NOTE: https://github.com/LibRaw/LibRaw/issues/279
CVE-2020-35533 (In LibRaw, an out-of-bounds read vulnerability exists within
the "LibR ...)
{DLA-3113-1}
- libraw 0.20.0-4
+ [buster] - libraw 0.19.2-2+deb10u1
NOTE:
https://github.com/LibRaw/LibRaw/commit/a6937d4046a7c4742b683a04c8564605fd9be4fb
(0.20-RC2)
NOTE: https://github.com/LibRaw/LibRaw/issues/273
CVE-2020-35532 (In LibRaw, an out-of-bounds read vulnerability exists within
the "simp ...)
{DLA-3113-1}
- libraw 0.20.0-4
+ [buster] - libraw 0.19.2-2+deb10u1
NOTE:
https://github.com/LibRaw/LibRaw/commit/5ab45b085898e379fedc6b113e2e82a890602b1e
(0.20-RC2)
NOTE: https://github.com/LibRaw/LibRaw/issues/271
CVE-2020-35531 (In LibRaw, an out-of-bounds read vulnerability exists within
the get_h ...)
{DLA-3113-1}
- libraw 0.20.0-4
+ [buster] - libraw 0.19.2-2+deb10u1
NOTE:
https://github.com/LibRaw/LibRaw/commit/d75af00681a74dcc8b929207eb895611a6eceb68
(0.20-RC2)
NOTE: https://github.com/LibRaw/LibRaw/issues/270
CVE-2020-35530 (In LibRaw, there is an out-of-bounds write vulnerability
within the "n ...)
{DLA-3113-1}
- libraw 0.20.0-4
+ [buster] - libraw 0.19.2-2+deb10u1
NOTE:
https://github.com/LibRaw/LibRaw/commit/11c4db253ef2c9bb44247b578f5caa57c66a1eeb
(0.20-RC2)
NOTE: https://github.com/LibRaw/LibRaw/issues/272
CVE-2020-35529
=====================================
data/dla-needed.txt
=====================================
@@ -69,9 +69,6 @@ kopanocore
NOTE: 20220801: Programming language: C++.
NOTE: 20220811: Proposed a patch to CVE-2022-26562 (#1016973)
--
-libraw (Helmut Grohne)
- NOTE: 20220904: Programming language: C++.
---
linux (Ben Hutchings)
--
mako
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/acfccc6158c3d493c7d3b4132f852f570a0a0df5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/acfccc6158c3d493c7d3b4132f852f570a0a0df5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
