Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4c20c439 by Salvatore Bonaccorso at 2024-11-25T21:57:25+01:00
Add two new jpeg-xl issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -102,9 +102,12 @@ CVE-2024-11647 (A vulnerability, which was classified as
critical, has been foun
CVE-2024-11646 (A vulnerability classified as critical was found in 1000
Projects Beau ...)
NOT-FOR-US: 1000 Projects Beauty Parlour Management System
CVE-2024-11498 (There exists a stack buffer overflow in libjxl.A
specifically-crafted ...)
- TODO: check
+ - jpeg-xl <unfixed>
+ NOTE: https://github.com/libjxl/libjxl/pull/3943
+ NOTE:
https://github.com/libjxl/libjxl/commit/bf4781a2eed2eef664790170977d1d3d8347efb9
CVE-2024-11403 (There exists an out of bounds read/write in LibJXL versions
prior to c ...)
- TODO: check
+ - jpeg-xl <unfixed>
+ NOTE:
https://github.com/libjxl/libjxl/commit/9cc451b91b74ba470fd72bd48c121e9f33d24c99
CVE-2024-10710 (The YaDisk Files WordPress plugin through 1.2.5 does not
sanitise and ...)
NOT-FOR-US: WordPress plugin
CVE-2024-10709 (The YaDisk Files WordPress plugin through 1.2.5 does not
validate and ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4c20c43933078d17784b14a47def9173c61ad175
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4c20c43933078d17784b14a47def9173c61ad175
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
