Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7805fb01 by Salvatore Bonaccorso at 2023-08-15T07:18:42+02:00
Track fixed version for libstb issues via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -101301,7 +101301,7 @@ CVE-2022-28043
RESERVED
CVE-2022-28042 (stb_image.h v2.27 was discovered to contain an heap-based
use-after-fr ...)
{DLA-3305-1}
- - libstb <unfixed> (bug #1014531)
+ - libstb 0.0~git20230129.5736b15+ds-1 (bug #1014531)
[bookworm] - libstb <no-dsa> (Minor issue)
[bullseye] - libstb <no-dsa> (Minor issue)
NOTE: https://github.com/nothings/stb/issues/1289
@@ -101312,7 +101312,7 @@ CVE-2022-28042 (stb_image.h v2.27 was discovered to
contain an heap-based use-af
NOTE:
https://github.com/nothings/stb/commit/5cfc2a744ad7047cda2396cc67772f313a46093d
CVE-2022-28041 (stb_image.h v2.27 was discovered to contain an integer
overflow via th ...)
{DLA-3305-1}
- - libstb <unfixed> (bug #1014531)
+ - libstb 0.0~git20230129.5736b15+ds-1 (bug #1014531)
[bookworm] - libstb <no-dsa> (Minor issue)
[bullseye] - libstb <no-dsa> (Minor issue)
NOTE: https://github.com/nothings/stb/issues/1292
@@ -133255,7 +133255,7 @@ CVE-2021-42717 (ModSecurity 3.x through 3.0.5
mishandles excessively nested JSON
NOTE: Fixed by:
https://github.com/SpiderLabs/ModSecurity/commit/41918335fa4c74fba46a986771a5a6cb457070c4
(v2.9.5)
NOTE: Fixed by:
https://github.com/SpiderLabs/ModSecurity/commit/ac79c1c29b7e6323e26cc984ad4f76ef62c731cd
(v3.0.6)
CVE-2021-42716 (An issue was discovered in stb stb_image.h 2.27. The PNM
loader incorr ...)
- - libstb <unfixed> (bug #1014532)
+ - libstb 0.0~git20230129.5736b15+ds-1 (bug #1014532)
[bookworm] - libstb <no-dsa> (Minor issue)
[bullseye] - libstb <not-affected> (Vulnerable code introduced later)
[buster] - libstb <not-affected> (Vulnerable code introduced later)
@@ -133266,7 +133266,7 @@ CVE-2021-42716 (An issue was discovered in stb
stb_image.h 2.27. The PNM loader
NOTE:
https://github.com/nothings/stb/commit/8befa752b005da174b2429c1ffaafffe452b2997
CVE-2021-42715 (An issue was discovered in stb stb_image.h 1.33 through 2.27.
The HDR ...)
{DLA-3305-1}
- - libstb <unfixed> (bug #1014532)
+ - libstb 0.0~git20230129.5736b15+ds-1 (bug #1014532)
[bookworm] - libstb <no-dsa> (Minor issue)
[bullseye] - libstb <no-dsa> (Minor issue)
NOTE: https://github.com/nothings/stb/issues/1224
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7805fb01ba91ce818f472be73c4b8c7553c07260
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7805fb01ba91ce818f472be73c4b8c7553c07260
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
