diff options
author | Tobias Frost <tobi@debian.org> | 2023-03-06 19:26:53 +0100 |
---|---|---|
committer | Tobias Frost <tobi@debian.org> | 2023-03-06 19:26:53 +0100 |
commit | c73941151246fecb19a1aedb94ac08104311e141 (patch) | |
tree | 735171f298839a491fed642c07366295b2275ea1 | |
parent | 91f7990f9fbc2a883009774aad598787cecb9b0f (diff) |
Ammend dla-3352 (libde265) for newly registered CVEs already fixed by the upload.
-rw-r--r-- | english/lts/security/2023/dla-3352.data | 2 | ||||
-rw-r--r-- | english/lts/security/2023/dla-3352.wml | 7 |
2 files changed, 8 insertions, 1 deletions
diff --git a/english/lts/security/2023/dla-3352.data b/english/lts/security/2023/dla-3352.data index 01b6ae681d6..97ffe7cddc0 100644 --- a/english/lts/security/2023/dla-3352.data +++ b/english/lts/security/2023/dla-3352.data @@ -1,6 +1,6 @@ <define-tag pagetitle>DLA-3352-1 libde265</define-tag> <define-tag report_date>2023-03-05</define-tag> -<define-tag secrefs>CVE-2023-24751 CVE-2023-24752 CVE-2023-24754 CVE-2023-24755 CVE-2023-24756 CVE-2023-24757 CVE-2023-24758 CVE-2023-25221</define-tag> +<define-tag secrefs>CVE-2022-47664 CVE-2022-47665 CVE-2023-24751 CVE-2023-24752 CVE-2023-24754 CVE-2023-24755 CVE-2023-24756 CVE-2023-24757 CVE-2023-24758 CVE-2023-25221</define-tag> <define-tag packages>libde265</define-tag> <define-tag isvulnerable>yes</define-tag> <define-tag fixed>yes</define-tag> diff --git a/english/lts/security/2023/dla-3352.wml b/english/lts/security/2023/dla-3352.wml index cc6d7359c07..a69d7c278c3 100644 --- a/english/lts/security/2023/dla-3352.wml +++ b/english/lts/security/2023/dla-3352.wml @@ -5,6 +5,13 @@ h.265 video codec, which may result in denial of service, have unspecified other impact, possibly code execution due to a heap-based buffer overflow.</p> <ul> +<li><a href="https://security-tracker.debian.org/tracker/CVE-2022-47664">CVE-2022-47664</a> + + <p> Libde265 1.0.9 is vulnerable to Buffer Overflow in ff_hevc_put_hevc_qpel_pixels_8_sse</p></li> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2022-47665">CVE-2022-47665</a> + + <p> Libde265 1.0.9 has a heap buffer overflow vulnerability in de265_image::set_SliceAddrRS(int, int, int)</p></li> <li><a href="https://security-tracker.debian.org/tracker/CVE-2023-24751">CVE-2023-24751</a> |