Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d500da7f by Markus Koschany at 2023-09-06T00:19:20+02:00
CVE-2020-0478,aom: Mark buster and bullseye as ignored

I explored the possibility of upgrading aom to version 1.0.0.errata1.avif-1. This
was not feasible because the version changes the ABI (#997806).

Looking at the huge diff which is mentioned in the security advisory, the
solution for CVE-2020-0478 seems to be to introduce a new configuration option
called CONFIG_AV1_HIGHBITDEPTH which is set to 1 by default. I don't think that
backporting this switch is useful enough as long as it is enabled by default.
It is not clear if there would be possible repercussions for r-deps. Hence I
tend to ignore this issue.

- - - - -
d78b3da9 by Markus Koschany at 2023-09-06T00:28:13+02:00
Reserve DLA-3556-1 for aom

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -169580,19 +169580,16 @@ CVE-2021-3486 (GLPi 9.5.4 does not sanitize the 
metadata. This way its possible
 CVE-2021-30475 (aom_dsp/noise_model.c in libaom in AOMedia before 2021-03-24 
has a buf ...)
        [experimental] - aom 3.2.0-1~exp1
        - aom 3.2.0-1
-       [buster] - aom <no-dsa> (Minor issue)
        NOTE: 
https://aomedia.googlesource.com/aom/+/12adc723acf02633595a4d8da8345742729f46c0
        NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2999
 CVE-2021-30474 (aom_dsp/grain_table.c in libaom in AOMedia before 2021-03-30 
has a use ...)
        [experimental] - aom 3.2.0-1~exp1
        - aom 3.2.0-1
-       [buster] - aom <no-dsa> (Minor issue)
        NOTE: 
https://aomedia.googlesource.com/aom/+/6e31957b6dc62dbc7d1bb70cd84902dd14c4bf2e
        NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=3000
 CVE-2021-30473 (aom_image.c in libaom in AOMedia before 2021-04-07 frees 
memory that i ...)
        [experimental] - aom 3.2.0-1~exp1
        - aom 3.2.0-1 (bug #988211)
-       [buster] - aom <no-dsa> (Minor issue)
        NOTE: 
https://aomedia.googlesource.com/aom/+/d0cac70b542c38accd916f8afd13592d34c48963%5E%21/
        NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2998
 CVE-2021-30472 (A flaw was found in PoDoFo 0.9.7. A stack-based buffer 
overflow in Pdf ...)
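Review bot: dropping the three `[buster] - aom <no-dsa> (Minor issue)` lines (CVE-2021-30475, CVE-2021-30474, CVE-2021-30473) is only correct if each of those IDs is listed in the DLA-3556-1 entry added to data/DLA/list in the same push; otherwise buster would fall back to plain "vulnerable" for that ID. All three do appear in the `{...}` list of the DLA hunk below, so the pairing holds, but this cross-check is the thing to repeat whenever a no-dsa marker is removed in favour of a DLA.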
@@ -191763,7 +191760,6 @@ CVE-2020-36136 (SQL Injection vulnerability in cskaza 
cszcms version 1.2.9, allo
        NOT-FOR-US: cskaza cszcms
 CVE-2020-36135 (AOM v2.0.1 was discovered to contain a NULL pointer 
dereference via th ...)
        - aom 3.2.0-1
-       [buster] - aom <no-dsa> (Minor issue)
        NOTE: 
https://aomedia.googlesource.com/aom/+/94bcbfe76b0fd5b8ac03645082dc23a88730c949 
(v2.1.0-rc1)
        NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2910&q=&can=1
        NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2911
@@ -191775,19 +191771,16 @@ CVE-2020-36134 (AOM v2.0.1 was discovered to 
contain a segmentation violation vi
        NOTE: Fixed by: 
https://aomedia.googlesource.com/aom/+/5a1b33b710050b69557d26cf53d4943325481beb 
(v2.1.0-rc1)
 CVE-2020-36133 (AOM v2.0.1 was discovered to contain a global buffer overflow 
via the  ...)
        - aom 3.2.0-1
-       [buster] - aom <no-dsa> (Minor issue)
        NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2913&q=&can=1
        NOTE: 
https://aomedia.googlesource.com/aom/+/5c9bc4181071684d157fc47c736acf6c69a85d85 
(v3.2.0-rc1)
 CVE-2020-36132
        RESERVED
 CVE-2020-36131 (AOM v2.0.1 was discovered to contain a stack buffer overflow 
via the c ...)
        - aom 3.2.0-1
-       [buster] - aom <no-dsa> (Minor issue)
        NOTE: 
https://aomedia.googlesource.com/aom/+/94bcbfe76b0fd5b8ac03645082dc23a88730c949 
(v2.1.0-rc1)
        NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2911&q=&can=1
 CVE-2020-36130 (AOM v2.0.1 was discovered to contain a NULL pointer 
dereference via th ...)
        - aom 3.2.0-1
-       [buster] - aom <no-dsa> (Minor issue)
        NOTE: 
https://aomedia.googlesource.com/aom/+/be4ee75fd762d361d0679cc892e4c74af8140093%5E%21/#F0
 (v2.1.0-rc1)
        NOTE: https://bugs.chromium.org/p/aomedia/issues/detail?id=2905&q=&can=1
 CVE-2020-36129 (AOM v2.0.1 was discovered to contain a stack buffer overflow 
via the c ...)
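Review bot: the four `[buster] - aom <no-dsa>` removals in this hunk and the preceding one (CVE-2020-36133, CVE-2020-36131, CVE-2020-36130 here, CVE-2020-36135 above) are all matched by IDs in the DLA-3556-1 entry, and CVE-2020-36132 is correctly left untouched as `RESERVED`; no change needed, just confirming the set is complete.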
@@ -280832,7 +280825,8 @@ CVE-2020-0479 (In callUnchecked of 
DocumentsProvider.java, there is a possible p
        NOT-FOR-US: Android
 CVE-2020-0478 (In extend_frame_lowbd of restoration.c, there is a possible out 
of bou ...)
        - aom 1.0.0.errata1.avif-1
-       [buster] - aom <no-dsa> (Minor issue)
+       [bullseye] - aom <ignored> (Minor issue)
+       [buster] - aom <ignored> (Minor issue)
        NOTE: 
https://android.googlesource.com/platform/external/libaom/+/816f15265cb89a02d7ce4b657de277828e71a4b1
        NOTE: https://source.android.com/security/bulletin/pixel/2020-12-01
        NOTE: 
https://aomedia.googlesource.com/aom/+/ebba9c769be2c99d5396d0018901e9a4af5e2d2c 
(v1.0.0-errata1-avif)
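Review bot: the new `[bullseye] - aom <ignored> (Minor issue)` and `[buster] - aom <ignored> (Minor issue)` tags carry only "(Minor issue)" as their stated reason, while the actual rationale (the fix is the ABI-changing upgrade to 1.0.0.errata1.avif-1 blocked by #997806, and the upstream change is a CONFIG_AV1_HIGHBITDEPTH build option that is already enabled by default) lives only in the commit message. Suggest recording it next to the entry so the ignored status is self-explanatory from data/CVE/list alone, e.g. `NOTE: fix requires ABI-changing upgrade (#997806); CONFIG_AV1_HIGHBITDEPTH is enabled by default`.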


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[06 Sep 2023] DLA-3556-1 aom - security update
+       {CVE-2020-36130 CVE-2020-36131 CVE-2020-36133 CVE-2020-36135 
CVE-2021-30473 CVE-2021-30474 CVE-2021-30475}
+       [buster] - aom 1.0.0-3+deb10u1
 [05 Sep 2023] DLA-3555-1 php7.3 - security update
        {CVE-2023-3823 CVE-2023-3824}
        [buster] - php7.3 7.3.31-1~deb10u5
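Review bot: the seven IDs in the new DLA-3556-1 entry (CVE-2020-36130, CVE-2020-36131, CVE-2020-36133, CVE-2020-36135, CVE-2021-30473, CVE-2021-30474, CVE-2021-30475) match exactly the seven `[buster] - aom <no-dsa>` lines removed from data/CVE/list in this push, and CVE-2020-0478, which this push marks `<ignored>` rather than fixed, is correctly absent from the list; fixed version 1.0.0-3+deb10u1 is consistent with a buster security rebuild of the existing source version.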


=====================================
data/dla-needed.txt
=====================================
@@ -25,9 +25,6 @@ amanda (Thorsten Alteholz)
   NOTE: 20230730: Added by Front-Desk (apo)
   NOTE: 20230827: still testing package (ta)
 --
-aom (Markus Koschany)
-  NOTE: 20230823: Added by Front-Desk (apo)
---
 c-ares (Utkarsh)
   NOTE: 20230826: Added by Front-Desk (utkarsh)
   NOTE: 20230826: it's a heap buffer overflow. Have mixed feelings about this 
one. Will look thoroughly. (utkarsh)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9ac31b023d3f06d5e1b69207ec5c0c3cb767d5eb...d78b3da980af03d7654e63aca66305f83db11079



_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
