Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b7db6b1e by Salvatore Bonaccorso at 2020-03-05T10:13:51+01:00
Checking remaining libsixel issues, all fixed upstream in v1.8.3 and 1.8.4
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15689,13 +15689,13 @@ CVE-2019-19780
CVE-2019-19779
RESERVED
CVE-2019-19778 (An issue was discovered in libsixel 1.8.2. There is a
heap-based buffe ...)
- - libsixel <unfixed> (low; bug #948103)
+ - libsixel 1.8.6-1 (low; bug #948103)
[buster] - libsixel <no-dsa> (Minor issue)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <no-dsa> (Minor issue)
NOTE: https://github.com/saitoha/libsixel/issues/110
CVE-2019-19777 (stb_image.h (aka the stb image loader) 2.23, as used in
libsixel and o ...)
- - libsixel <unfixed> (low; bug #948103)
+ - libsixel 1.8.6-1 (low; bug #948103)
[buster] - libsixel <no-dsa> (Minor issue)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <no-dsa> (Minor issue)
@@ -18365,25 +18365,25 @@ CVE-2019-19640
CVE-2019-19639
RESERVED
CVE-2019-19638 (An issue was discovered in libsixel 1.8.2. There is a
heap-based buffe ...)
- - libsixel <unfixed> (low; bug #948103)
+ - libsixel 1.8.6-1 (low; bug #948103)
[buster] - libsixel <no-dsa> (Minor issue)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <no-dsa> (Minor issue)
NOTE: https://github.com/saitoha/libsixel/issues/102
CVE-2019-19637 (An issue was discovered in libsixel 1.8.2. There is an integer
overflo ...)
- - libsixel <unfixed> (low; bug #948103)
+ - libsixel 1.8.6-1 (low; bug #948103)
[buster] - libsixel <no-dsa> (Minor issue)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <no-dsa> (Minor issue)
NOTE: https://github.com/saitoha/libsixel/issues/105
CVE-2019-19636 (An issue was discovered in libsixel 1.8.2. There is an integer
overflo ...)
- - libsixel <unfixed> (low; bug #948103)
+ - libsixel 1.8.6-1 (low; bug #948103)
[buster] - libsixel <no-dsa> (Minor issue)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <no-dsa> (Minor issue)
NOTE: https://github.com/saitoha/libsixel/issues/104
CVE-2019-19635 (An issue was discovered in libsixel 1.8.2. There is a
heap-based buffe ...)
- - libsixel <unfixed> (low; bug #948103)
+ - libsixel 1.8.6-1 (low; bug #948103)
[buster] - libsixel <no-dsa> (Minor issue)
[stretch] - libsixel <no-dsa> (Minor issue)
[jessie] - libsixel <no-dsa> (Minor issue)
@@ -49357,7 +49357,7 @@ CVE-2019-11025 (In clearFilter() in utilities.php in
Cacti before 1.2.3, no esca
[stretch] - cacti <no-dsa> (Minor issue)
NOTE: https://github.com/Cacti/cacti/issues/2581
CVE-2019-11024 (The load_pnm function in frompnm.c in libsixel.a in libsixel
1.8.2 has ...)
- - libsixel <unfixed> (unimportant)
+ - libsixel 1.8.6-1 (unimportant)
NOTE: https://github.com/saitoha/libsixel/issues/85
NOTE: Negligible security impact
CVE-2019-11023 (The agroot() function in cgraph\obj.c in libcgraph.a in
Graphviz 2.39. ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7db6b1e9939c73579ee172984b7e4824ee59993
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7db6b1e9939c73579ee172984b7e4824ee59993
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
