Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a7420035 by Moritz Muehlenhoff at 2025-03-16T11:47:27+01:00
open62541 is in the archive now
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -34418,7 +34418,9 @@ CVE-2024-53432 (While parsing certain malformed PLY
files, PCL version 1.14.1 cr
NOTE: https://github.com/PointCloudLibrary/pcl/issues/6162
NOTE: https://github.com/PointCloudLibrary/pcl/pull/6179
CVE-2024-53429 (Open62541 v1.4.6 is has an assertion failure in
fuzz_binary_decode, wh ...)
- - open62541 <itp> (bug #985909)
+ - open62541 <unfixed>
+ NOTE: https://github.com/open62541/open62541/issues/6825
+ NOTE:
https://github.com/open62541/open62541/commit/b9473527623125b5ca264dae4551f8cc414b3bc3
CVE-2024-53426 (A heap-buffer-overflow vulnerability has been identified in
ntopng 6.2 ...)
- ntopng <unfixed> (unimportant)
NOTE: Crash in CLI tool, no security impact
@@ -256680,7 +256682,7 @@ CVE-2022-25765 (The package pdfkit from 0.0.0 are
vulnerable to Command Injectio
CVE-2022-25764
RESERVED
CVE-2022-25761 (The package open62541/open62541 before 1.2.5, from 1.3-rc1 and
before ...)
- - open62541 <itp> (bug #985909)
+ - open62541 <not-affected> (Fixed before initial upload to the archive)
CVE-2022-25760 (All versions of package accesslog are vulnerable to Arbitrary
Code Inj ...)
NOT-FOR-US: accesslog Nodejs module
CVE-2022-25759 (The package convert-svg-core before 0.6.2 are vulnerable to
Remote Cod ...)
@@ -299011,7 +299013,7 @@ CVE-2020-36430 (libass 0.15.x before 0.15.1 has a
heap-based buffer overflow in
NOTE: Introduced by:
https://github.com/libass/libass/commit/910211f1c0078e37546f73e95306724358b89be2
(0.15.0)
NOTE: Fixed by:
https://github.com/libass/libass/commit/017137471d0043e0321e377ed8da48e45a3ec632
(0.15.1)
CVE-2020-36429 (Variant_encodeJson in open62541 1.x before 1.0.4 has an
out-of-bounds ...)
- - open62541 <itp> (bug #985909)
+ - open62541 <not-affected> (Fixed before initial upload to the archive)
CVE-2020-36428 (matio (aka MAT File I/O Library) 1.5.18 through 1.5.21 has a
heap-base ...)
- libmatio 1.5.22-1 (bug #991370)
[bullseye] - libmatio <no-dsa> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7420035ddc8cc908d38d4f9fe114644c6acfc1e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7420035ddc8cc908d38d4f9fe114644c6acfc1e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
