Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 0bf1899a by Salvatore Bonaccorso at 2023-09-11T23:21:30+02:00 Update status for CVE-2023-40032/vips - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -43,7 +43,10 @@ CVE-2023-40150 (Softneta MedDream PACS does not perform an authentication check NOT-FOR-US: Softneta MedDream PACS CVE-2023-40032 (libvips is a demand-driven, horizontally threaded image processing lib ...) - vips 8.14.4-1 + [bullseye] - vips <not-affected> (Vulnerable code not present) + [buster] - vips <not-affected> (Vulnerable code not present) NOTE: https://github.com/libvips/libvips/pull/3604 + NOTE: Introduced by: https://github.com/libvips/libvips/commit/b2527da53143a38bca96f4a3371ccd0856c0268b (v8.12.0-rc1) NOTE: Fixed by: https://github.com/libvips/libvips/commit/e091d65835966ef56d53a4105a7362cafdb1582b (v8.14.4) CVE-2023-3612 (Govee Home app has unprotected access to WebView component which can b ...) NOT-FOR-US: Govee Home app View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0bf1899a96b6cfcbe968dd4a8eef6005c5f4cb38 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0bf1899a96b6cfcbe968dd4a8eef6005c5f4cb38 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits