Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: bf997f0e by Salvatore Bonaccorso at 2023-01-22T09:55:48+01:00 Update status for CVE-2020-21598 CVE-2020-21600 and CVE-2020-21602 Ad investigated by Tobias Frost those issues are fixed in 1.0.9 upstream as well, cf. https://bugs.debian.org/1004963#34 . Link: https://bugs.debian.org/1004963#34 - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -183412,7 +183412,7 @@ CVE-2020-21603 (libde265 v1.0.4 contains a heap buffer overflow in the put_qpel_ [stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream) NOTE: https://github.com/strukturag/libde265/issues/240 CVE-2020-21602 (libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_bi ...) - - libde265 <unfixed> (bug #1004963) + - libde265 1.0.9-1 (bug #1004963) [bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream) [buster] - libde265 <postponed> (Minor issue, revisit when fixed upstream) [stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream) @@ -183424,7 +183424,7 @@ CVE-2020-21601 (libde265 v1.0.4 contains a stack buffer overflow in the put_qpel [stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream) NOTE: https://github.com/strukturag/libde265/issues/241 CVE-2020-21600 (libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_pr ...) - - libde265 <unfixed> (bug #1004963) + - libde265 1.0.9-1 (bug #1004963) [bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream) [buster] - libde265 <postponed> (Minor issue, revisit when fixed upstream) [stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream) @@ -183437,7 +183437,7 @@ CVE-2020-21599 (libde265 v1.0.4 contains a heap buffer overflow in the de265_ima NOTE: https://github.com/strukturag/libde265/issues/235 NOTE: https://github.com/strukturag/libde265/commit/a3f1c6a0dea2b0d4a531255ad06ed40cdb184d25 (v1.0.9) CVE-2020-21598 (libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unw ...) - - libde265 <unfixed> (bug #1004963) + - libde265 1.0.9-1 (bug #1004963) [bullseye] - libde265 <postponed> (Minor issue, revisit when fixed upstream) [buster] - libde265 <postponed> (Minor issue, revisit when fixed upstream) [stretch] - libde265 <postponed> (Minor issue, revisit when fixed upstream) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bf997f0ecbd929083358b443f0e920f0d2972e9d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bf997f0ecbd929083358b443f0e920f0d2972e9d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
