[Git][security-tracker-team/security-tracker][master] Triage CVE-2022-2963/jasper as unimportant

[Emilio Pozuelo Monfort (@pochu)]

Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1a38ae98 by Emilio Pozuelo Monfort at 2022-10-18T09:01:59+02:00
Triage CVE-2022-2963/jasper as unimportant

A memory leak just before calling exit() has no security
impact.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11394,8 +11394,10 @@ CVE-2022-2964 (A flaw was found in the Linux 
kernel’s driver for the ASIX
        [buster] - linux 4.19.232-1
        NOTE: 
https://git.kernel.org/linus/57bc3d3ae8c14df3ceb4e17d26ddf9eeab304581 (5.17-rc4)
 CVE-2022-2963 (A vulnerability found in jasper. This security vulnerability 
happens b ...)
-       - jasper <removed>
+       - jasper <removed> (unimportant)
        NOTE: https://github.com/jasper-software/jasper/issues/332
+       NOTE: 
https://github.com/jasper-software/jasper/commit/d99636fad60629785efd1ef72da772a8ef68f54c
+       NOTE: memory leak on invalid command line options before exit()
 CVE-2022-2962 (A DMA reentrancy issue was found in the Tulip device emulation 
in QEMU ...)
        - qemu 1:7.1+dfsg-2 (bug #1018055)
        [bullseye] - qemu <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a38ae98931a1287c3cbd380e1bdc00b4f7c92b3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a38ae98931a1287c3cbd380e1bdc00b4f7c92b3
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits