Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d20822ee by Ola Lundqvist at 2024-04-10T22:19:21+02:00
Tagged a few CVEs for freeimage as postponed.
Postponed because they are of DoS class and all reverse dependencies are
tools used by a human that should know the input data. One can even question
whether that should even be considered a security issue. In any case it
is nothing that warrant any immediate attention.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6974,6 +6974,7 @@ CVE-2024-28584 (Null Pointer Dereference vulnerability in
open source FreeImage
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low
severity DoS in tool)
NOTE:
https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28583 (Buffer Overflow vulnerability in open source FreeImage
v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
@@ -6999,6 +7000,7 @@ CVE-2024-28579 (Buffer Overflow vulnerability in open
source FreeImage v.3.19.0
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low
severity DoS in tool)
NOTE:
https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28578 (Buffer Overflow vulnerability in open source FreeImage
v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
@@ -7009,31 +7011,37 @@ CVE-2024-28577 (Null Pointer Dereference vulnerability
in open source FreeImage
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low
severity DoS in tool)
NOTE:
https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28576 (Buffer Overflow vulnerability in open source FreeImage
v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low
severity DoS in tool)
NOTE:
https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28575 (Buffer Overflow vulnerability in open source FreeImage
v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low
severity DoS in tool)
NOTE:
https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28574 (Buffer Overflow vulnerability in open source FreeImage
v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low
severity DoS in tool)
NOTE:
https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28573 (Buffer Overflow vulnerability in open source FreeImage
v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low
severity DoS in tool)
NOTE:
https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28572 (Buffer Overflow vulnerability in open source FreeImage
v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low
severity DoS in tool)
NOTE:
https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28571 (Buffer Overflow vulnerability in open source FreeImage
v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
@@ -7044,6 +7052,7 @@ CVE-2024-28570 (Buffer Overflow vulnerability in open
source FreeImage v.3.19.0
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low
severity DoS in tool)
NOTE:
https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28569 (Buffer Overflow vulnerability in open source FreeImage
v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
@@ -7054,11 +7063,13 @@ CVE-2024-28568 (Buffer Overflow vulnerability in open
source FreeImage v.3.19.0
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low
severity DoS in tool)
NOTE:
https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28567 (Buffer Overflow vulnerability in open source FreeImage
v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low
severity DoS in tool)
NOTE:
https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28566 (Buffer Overflow vulnerability in open source FreeImage
v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
@@ -7069,16 +7080,19 @@ CVE-2024-28565 (Buffer Overflow vulnerability in open
source FreeImage v.3.19.0
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low
severity DoS in tool)
NOTE:
https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28564 (Buffer Overflow vulnerability in open source FreeImage
v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low
severity DoS in tool)
NOTE:
https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28563 (Buffer Overflow vulnerability in open source FreeImage
v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
[bookworm] - freeimage <no-dsa> (Revisit when fixed upstream)
[bullseye] - freeimage <no-dsa> (Revisit when fixed upstream)
+ [buster] - freeimage <postponed> (Revisit when fixed upstream, low
severity DoS in tool)
NOTE:
https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
CVE-2024-28562 (Buffer Overflow vulnerability in open source FreeImage
v.3.19.0 [r1909 ...)
- freeimage <unfixed> (bug #1068461)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d20822ee84db3e974bbab954664d5dc70194341e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d20822ee84db3e974bbab954664d5dc70194341e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
