Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7230aef0 by Salvatore Bonaccorso at 2026-05-31T07:20:31+02:00
Add CVE-2025-70103/jpeg-xl
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3143,7 +3143,11 @@ CVE-2026-1248 (IBM Business Automation Workflow
containers and traditionalmay le
CVE-2025-70116 (A NULL pointer dereference in GPAC MP4Box: when parsing
certain trunca ...)
TODO: check
CVE-2025-70103 (Heap buffer overflow vulnerability in libjxl 0.12.0 via
crafted PBM im ...)
- TODO: check
+ - jpeg-xl <unfixed>
+ NOTE: https://www.openwall.com/lists/oss-security/2026/05/30/7
+ NOTE: https://github.com/libjxl/libjxl/issues/4337
+ NOTE: https://github.com/libjxl/libjxl/pull/4380
+ NOTE: Fixed by:
https://github.com/libjxl/libjxl/commit/49fb89f23473e57fa1dac416adce7c7679e5d051
CVE-2025-69600 (Command injection in Raynet rvia 12.6.4392.49-amd64.deb allows
adversa ...)
TODO: check
CVE-2025-68712 (SpSoft AppLock (com.sp.protector.free) 7.9.40 for Android
allows a loc ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7230aef0e8e158e9e6c45e19a988d6cb4e9a6de5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7230aef0e8e158e9e6c45e19a988d6cb4e9a6de5
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
