Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: 45ecdfa6 by Moritz Muehlenhoff at 2023-08-18T12:28:40+02:00 new qtsvg issue - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -172997,8 +172997,13 @@ CVE-2021-28027 (An issue was discovered in the bam crate before 0.1.3 for Rust. NOT-FOR-US: Rust crate bam CVE-2021-28026 (jpeg-xl v0.3.2 is affected by a heap buffer overflow in /lib/jxl/coeff ...) - jpeg-xl <not-affected> (Fixed before initial release) -CVE-2021-28025 (Integer Overflow vulnerability in qsvghandler.cpp in Qt qtsvg versions ...) - TODO: check +CVE-2021-28025 + - qt6-svg <not-affected> (Fixed before initial upload to the archive) + - qtsvg-opensource-src 5.15.4-2 + [bullseye] - qtsvg-opensource-src <no-dsa> (Minor issue) + - qt4-x11 <removed> + NOTE: https://bugreports.qt.io/browse/QTBUG-91507 + NOTE: https://code.qt.io/cgit/qt/qtsvg.git/commit/?id=7bbf88403fd2d1fe79fab7c8e469f8aeafeb7372 (v5.15.4-lts-lgpl) CVE-2021-28024 (Unauthorized system access in the login form in ServiceTonic Helpdesk ...) NOT-FOR-US: ServiceTonic CVE-2021-28023 (Arbitrary file upload in Service import feature in ServiceTonic Helpde ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45ecdfa68a8d7e99287fd2ea207c2fd1a382d854 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45ecdfa68a8d7e99287fd2ea207c2fd1a382d854 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits