aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTobias Frost <tobi@debian.org>2022-12-13 16:15:22 +0100
committerTobias Frost <tobi@debian.org>2022-12-13 16:15:22 +0100
commitbe354f6329774156579ac1978ed0c5b911b59401 (patch)
tree725daecb1b7f243797c03fc1825561f1b8b655ba
parent6350d596392997d1d1cea7b462b5a18bf9299d9e (diff)
DLA-3238-1
Diffstat
-rw-r--r--english/lts/security/2022/dla-3238.data10
-rw-r--r--english/lts/security/2022/dla-3238.wml32
2 files changed, 42 insertions, 0 deletions
diff --git a/english/lts/security/2022/dla-3238.data b/english/lts/security/2022/dla-3238.data
new file mode 100644
index 00000000000..1ffe22171bc
--- /dev/null
+++ b/english/lts/security/2022/dla-3238.data
@@ -0,0 +1,10 @@
+<define-tag pagetitle>DLA-3238-1 pngcheck</define-tag>
+<define-tag report_date>2022-12-13</define-tag>
+<define-tag secrefs>CVE-2020-35511 Bug#1021278</define-tag>
+<define-tag packages>pngcheck</define-tag>
+<define-tag isvulnerable>yes</define-tag>
+<define-tag fixed>yes</define-tag>
+<define-tag fixed-section>no</define-tag>
+
+#use wml::debian::security
+
diff --git a/english/lts/security/2022/dla-3238.wml b/english/lts/security/2022/dla-3238.wml
new file mode 100644
index 00000000000..ad86e37e9d0
--- /dev/null
+++ b/english/lts/security/2022/dla-3238.wml
@@ -0,0 +1,32 @@
+<define-tag description>LTS security update</define-tag>
+<define-tag moreinfo>
+<p>Multiple security issues were discovered in pngcheck, a tool to verify the
+integrity of PNG, JNG and MNG files, which could potentially result
+in the execution of arbitrary code.</p>
+
+<ul>
+
+<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-35511">CVE-2020-35511</a>
+
+ <p>A global buffer overflow was discovered in pngcheck function in
+ pngcheck-2.4.0 (5 patches applied) via a crafted png file.</p>
+
+
+<p>For Debian 10 buster, these problems have been fixed in version
+3.0.3-1~deb10u2.</p>
+
+<p>We recommend that you upgrade your pngcheck packages.</p>
+
+<p>For the detailed security status of pngcheck please refer to its security
+tracker page at: <a href="https://security-tracker.debian.org/tracker/pngcheck">https://security-tracker.debian.org/tracker/pngcheck</a></p>
+
+<p>Further information about Debian LTS security advisories, how to apply
+these updates to your system and frequently asked questions can be
+found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p></li>
+
+</ul>
+</define-tag>
+
+# do not modify the following line
+#include "$(ENGLISHDIR)/lts/security/2022/dla-3238.data"
+# $Id: $

© 2014-2024 Faster IT GmbH | imprint | privacy policy