Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fb56838e by Salvatore Bonaccorso at 2022-12-13T16:19:16+01:00
Restore fixed status of pngcheck in 2.3.0-7+deb10u1 for CVE-2020-27818
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -158579,6 +158579,7 @@ CVE-2020-27819 (An issue was discovered in libxls
before and including 1.6.1 whe
CVE-2020-27818 (A flaw was found in the check_chunk_name() function of
pngcheck-2.4.0. ...)
{DLA-3032-1}
- pngcheck 2.3.0-13 (bug #976350)
+ [buster] - pngcheck 2.3.0-7+deb10u1
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1902011
NOTE: Patch applied in Fedora:
https://src.fedoraproject.org/rpms/pngcheck/blob/cc48791e34201caf7b686084b735d06cef66c974/f/pngcheck-2.4.0-overflow-bz1897485.patch
CVE-2020-27817
=====================================
data/DLA/list
=====================================
@@ -1,5 +1,5 @@
[13 Dec 2022] DLA-3238-1 pngcheck - security update
- {CVE-2020-27818 CVE-2020-35511}
+ {CVE-2020-35511}
[buster] - pngcheck 3.0.3-1~deb10u2
[12 Dec 2022] DLA-3237-1 node-tar - security update
{CVE-2021-37701 CVE-2021-37712}
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb56838ee211ce841532292be7fbdefc2232b052
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb56838ee211ce841532292be7fbdefc2232b052
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
