Abhijith PA pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f6c87e78 by Abhijith PA at 2026-02-26T11:42:40+05:30
Reserve DLA-4493-1 for libstb
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -374699,7 +374699,6 @@ CVE-2022-28042 (stb_image.h v2.27 was discovered to
contain an heap-based use-af
{DLA-3305-1}
- libstb 0.0~git20230129.5736b15+ds-1 (bug #1014531)
[bookworm] - libstb <no-dsa> (Minor issue)
- [bullseye] - libstb <no-dsa> (Minor issue)
NOTE: https://github.com/nothings/stb/issues/1289
NOTE: https://github.com/nothings/stb/pull/1297
NOTE:
https://github.com/nothings/stb/commit/84b94010a7b08003cc3fb93635582849398e7ae2
@@ -374710,7 +374709,6 @@ CVE-2022-28041 (stb_image.h v2.27 was discovered to
contain an integer overflow
{DLA-3305-1}
- libstb 0.0~git20230129.5736b15+ds-1 (bug #1014531)
[bookworm] - libstb <no-dsa> (Minor issue)
- [bullseye] - libstb <no-dsa> (Minor issue)
NOTE: https://github.com/nothings/stb/issues/1292
NOTE: https://github.com/nothings/stb/pull/1297
NOTE:
https://github.com/nothings/stb/commit/84b94010a7b08003cc3fb93635582849398e7ae2
@@ -406784,7 +406782,6 @@ CVE-2021-42715 (An issue was discovered in stb
stb_image.h 1.33 through 2.27. Th
{DLA-3305-1}
- libstb 0.0~git20230129.5736b15+ds-1 (bug #1014532)
[bookworm] - libstb <no-dsa> (Minor issue)
- [bullseye] - libstb <no-dsa> (Minor issue)
NOTE: https://github.com/nothings/stb/issues/1224
NOTE: https://github.com/nothings/stb/pull/1223
CVE-2021-42714 (Splashtop Remote Client (Business Edition) through 3.4.8.3
creates a T ...)
@@ -420832,7 +420829,6 @@ CVE-2021-37790
CVE-2021-37789 (stb_image.h 2.27 has a heap-based buffer over in
stbi__jpeg_load, lead ...)
{DLA-3305-1}
- libstb 0.0~git20210910.af1a5bc+ds-1 (bug #1023693)
- [bullseye] - libstb <no-dsa> (Minor issue)
NOTE: https://github.com/nothings/stb/issues/1178
NOTE:
https://github.com/nothings/stb/commit/5ba0baaa269b3fd681828e0e3b3ac0f1472eaf40
CVE-2021-37788 (A vulnerability in the web UI of Gurock TestRail v5.3.0.3603
could all ...)
@@ -446033,7 +446029,6 @@ CVE-2021-28022 (Blind SQL injection in the login form
in ServiceTonic Helpdesk s
CVE-2021-28021 (Buffer overflow vulnerability in function stbi__extend_receive
in stb_ ...)
{DLA-3305-1}
- libstb 0.0~git20220908.8b5f1f3+ds-1 (bug #1014530)
- [bullseye] - libstb <no-dsa> (Minor issue)
NOTE: https://github.com/nothings/stb/issues/1108
NOTE:
https://github.com/nothings/stb/commit/86b7570cfba845e8209c6aec2d15e487bb1d8bb4
CVE-2021-28020
=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[26 Feb 2026] DLA-4493-1 libstb - security update
+ {CVE-2021-28021 CVE-2021-37789 CVE-2021-42715 CVE-2022-28041
CVE-2022-28042}
+ [bullseye] - libstb 0.0~git20200713.b42009b+ds-1+deb11u1
[25 Feb 2026] DLA-4492-1 gnutls28 - security update
{CVE-2025-9820 CVE-2025-14831}
[bullseye] - gnutls28 3.7.1-5+deb11u9
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f6c87e78a28e4bbb09d86be2af0860beeb3850f1
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f6c87e78a28e4bbb09d86be2af0860beeb3850f1
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
