Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
73d41e51 by Salvatore Bonaccorso at 2022-12-24T09:15:36+01:00
Add first batch of openimageio issues
Unfortunately more pending, with not yet clear upstream status and
reported by Cisco TALOS Project.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -19535,11 +19535,15 @@ CVE-2022-41999 (A denial of service vulnerability
exists in the DDS native tile
CVE-2022-41991
RESERVED
CVE-2022-41988 (An information disclosure vulnerability exists in the
OpenImageIO::dec ...)
- TODO: check
+ - openimageio <unfixed>
+ NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1643
+ NOTE:
https://github.com/OpenImageIO/oiio/commit/e9103925bb2aeed36b01b3805f36959f5d1a2e18#diff-8496b368a265f99b41e3c06bf99a5ea82d4f40fff1919ee79caa26ae033b3a06R118
CVE-2022-41838 (A code execution vulnerability exists in the DDS scanline
parsing func ...)
- TODO: check
+ - openimageio <unfixed>
+ NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1634
CVE-2022-41837 (An out-of-bounds write vulnerability exists in the
OpenImageIO::add_ex ...)
- TODO: check
+ - openimageio <unfixed>
+ NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1636
CVE-2022-41632
RESERVED
CVE-2022-41630
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/73d41e517cba044b065ddb38f72ed927e5788cbc
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/73d41e517cba044b065ddb38f72ed927e5788cbc
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
