Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits: e719aa93 by Sylvain Beucler at 2025-05-20T14:56:30+02:00 dla: add qtbase-opensource-src - - - - - 002e62ac by Sylvain Beucler at 2025-05-20T14:56:32+02:00 CVE-2023-6704/libavif: introductory commit (take #2) Thanks to Salvatore for dropping: 19aa57e7a0ff38986b4b654ca4c865bfd2731c84 a63ed93e0870387f9a7f6d331265e50bca5c19c7 and pointing the libavif revision range at: https://clusterfuzz.com/revisions?job=linux_asan_chrome_mp&range=1147980:1148001 (d78c0db95b1afe85a66b41c066f8327165a8d567:094e6166339bc317d54b42460232c28193ea4daf) Bisecting said range with an ASAN build pinpointed: https://github.com/AOMediaCodec/libavif/commit/c17d24ad2281fee383700e0710e019758a1969ad The error is present before the fixing commit, and fixed after the fixing commit. For reference: git checkout <revision> rm -rf * git checkout . cp -a ../poc . CC="gcc -fsanitize=address" CXX="g++ -fsanitize=address" cmake -DCMAKE_BUILD_TYPE=Debug -DAVIF_BUILD_APPS=ON make -j ./avifdec poc test.jpg - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ===================================== data/CVE/list ===================================== @@ -151505,6 +151505,7 @@ CVE-2023-6704 (Use after free in libavif in Google Chrome prior to 120.0.6099.10 [bullseye] - libavif <not-affected> (Vulnerable code not present, PoC doesn't crash) NOTE: https://issues.chromium.org/issues/40945359 NOTE: https://github.com/AOMediaCodec/libavif/pull/1808 + NOTE: Introduced by: https://github.com/AOMediaCodec/libavif/commit/c17d24ad2281fee383700e0710e019758a1969ad (v1.0.0) NOTE: Fixed by: https://github.com/AOMediaCodec/libavif/commit/7845153645cfe245de5add94fb07c227c2d16402 (v1.1.0) CVE-2023-6703 (Use after free in Blink in Google Chrome prior to 120.0.6099.109 allow ...) {DSA-5577-1} ===================================== data/dla-needed.txt ===================================== @@ -347,6 +347,11 @@ pytorch NOTE: 20250422: Added by Front-Desk (rouca) NOTE: 20250422: CVE-2025-32434 RCE need to be fixed. DoS may be postponed (rouca/FD) -- +qtbase-opensource-src + NOTE: 20250520: Added by Front-Desk (Beuc) + NOTE: 20250520: Follow fixes from bookworm 12.11 (CVE-2024-39936) + NOTE: 20250520: We don't seem affected by the non-CVE crash fix #1081682 (Beuc/front-desk) +-- rails NOTE: 20250105: Added by Front-Desk (apo) NOTE: 20250305: Utkarsh uploaded the CVE fixes to unstable via rails/7.2.2.1. (utkarsh) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/7bed2ddbb7d3c34cf329268bbf39ba0840314940...002e62ace77c782c7022c78f457e7e6958f511d9 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/7bed2ddbb7d3c34cf329268bbf39ba0840314940...002e62ace77c782c7022c78f457e7e6958f511d9 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
