author: Abhijith PA <abhijith@disroot.org>, 2024-03-11 16:48:11 +0530
committer: Abhijith PA <abhijith@disroot.org>, 2024-03-11 16:48:11 +0530
commit: 7199e99c42f32f3a2b5eafa4053b4b4d5109e711
tree: 2055ab8a341f4dc5cfe520361de3c04a3ce574dd
parent: 9a2a182dc53f0632ecd32108c91c071bdad76289
Reserve DLA-3758-1 for tiff
-rw-r--r-- data/CVE/list 2
-rw-r--r-- data/DLA/list 3
-rw-r--r-- data/dla-needed.txt 4
3 files changed, 3 insertions, 6 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 5bb2e60e2a..458e0e6600 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -10267,7 +10267,6 @@ CVE-2023-52356 (A segment fault (SEGV) flaw was found in libtiff that could be t
- tiff 4.5.1+git230720-4 (bug #1061524)
[bookworm] - tiff <no-dsa> (Minor issue)
[bullseye] - tiff <no-dsa> (Minor issue)
- [buster] - tiff <postponed> (Minor issue, DoS)
NOTE: https://gitlab.com/libtiff/libtiff/-/issues/622
NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/546
NOTE: https://gitlab.com/libtiff/libtiff/-/commit/51558511bdbbcffdce534db21dbaf5d54b31638a
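Review bot: With the `[buster] - tiff <postponed>` line dropped for CVE-2023-52356, the `[bullseye] - tiff <no-dsa> (Minor issue)` line directly above it is left unchanged, so buster receives a fix that bullseye still lacks. Worth confirming that a bullseye update is planned, so that an upgrade from buster to bullseye does not reintroduce the SEGV, and recording that in a NOTE on this entry.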
@@ -30802,7 +30801,6 @@ CVE-2023-3665 (A code injection vulnerability in Trellix ENS 10.7.0 April 2023 r
CVE-2023-3576 (A memory leak flaw was found in Libtiff's tiffcrop utility. This issue ...)
{DSA-5567-1}
- tiff 4.5.1~rc3-1
- [buster] - tiff <postponed> (Minor issue, memory leak in CLI tool)
NOTE: https://gitlab.com/libtiff/libtiff/-/merge_requests/475
NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/-/commit/1d5b1181c980090a6518f11e61a18b0e268bf31a (v4.5.1rc1)
CVE-2023-3512 (Relative path traversal vulnerability in Setelsa Security's ConacWin C ...)
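Review bot: The cross-reference line for CVE-2023-3576 still reads `{DSA-5567-1}` after this hunk, although data/DLA/list in the same commit lists this CVE under DLA-3758-1. If that line is not regenerated automatically from the DLA list, it should become `{DSA-5567-1 DLA-3758-1}` so the entry points at both advisories.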
diff --git a/data/DLA/list b/data/DLA/list
index f18c291fca..b704547d62 100644
--- a/data/DLA/list
+++ b/data/DLA/list
@@ -1,3 +1,6 @@
+[11 Mar 2024] DLA-3758-1 tiff - security update
+ {CVE-2023-3576 CVE-2023-52356}
+ [buster] - tiff 4.1.0+git191117-2~deb10u9
[10 Mar 2024] DLA-3757-1 nss - security update
{CVE-2023-5388 CVE-2024-0743}
[buster] - nss 2:3.42.1-1+deb10u8
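Review bot: The new entry already carries a fixed version, `[buster] - tiff 4.1.0+git191117-2~deb10u9`, while the commit message only says the DLA is being reserved. Confirm the string matches the version in the upload's changelog exactly: both `<postponed>` buster lines are removed from data/CVE/list in this same commit, so this line becomes the only record of buster's status for CVE-2023-3576 and CVE-2023-52356.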
diff --git a/data/dla-needed.txt b/data/dla-needed.txt
index d58dc892e6..1d329d7ab3 100644
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -250,10 +250,6 @@ suricata (Adrian Bunk)
thunderbird (Emilio)
NOTE: 20240306: Added by Front-Desk (opal)
--
-tiff (Abhijith PA)
- NOTE: 20231231: Added by Front-Desk (lamby)
- NOTE: 20231231: CVE-2023-3576 already fixed in bullseye via DSA or point release(s). (lamby)
---
tinymce
NOTE: 20231123: Added by Front-Desk (ola)
NOTE: 20231216: Someone with more XSS experience needed to assess the
