diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2020-07-06 19:40:24 +0200 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2020-07-06 19:40:24 +0200 |
commit | 78dc70d1107dc4aaf3bd5af22a10c082f9215ccd (patch) | |
tree | b8b777c92b413eaf7aebcfc562d76943b5297872 | |
parent | 3e4c3e89ce20df6ecaeac9c55f6a7bdfd27349f5 (diff) |
jpeg issue already fixed a few years ago
take squid
-rw-r--r-- | data/CVE/list | 4 | ||||
-rw-r--r-- | data/dsa-needed.txt | 4 |
2 files changed, 4 insertions, 4 deletions
diff --git a/data/CVE/list b/data/CVE/list index 75c8524b38..505badd63d 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -3348,9 +3348,9 @@ CVE-2020-14153 (In IJG JPEG (aka libjpeg) before 9d, jdhuff.c has an out-of-boun NOTE: Not clear what the exact change is between 9c and 9d and whether it applies to -turbo CVE-2020-14152 (In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs. ...) - libjpeg9 1:9d-1 (low) - - libjpeg-turbo <unfixed> (low) + - libjpeg-turbo 1:1.5.2-1 (low) [jessie] - libjpeg-turbo <no-dsa> (Minor issue) - TODO: report to libjpeg-turbo upstream + NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/da2a27ef056a0179cbd80f9146e58b89403d9933 CVE-2020-14151 REJECTED CVE-2020-14150 (GNU Bison before 3.5.4 allows attackers to cause a denial of service ( ...) diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt index cd4278c532..cead6d7444 100644 --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -39,9 +39,9 @@ ruby2.5/stable -- roundcube -- -squid/stable +squid (jmm) -- -teeworlds/stable (jmm) +teeworlds (jmm) -- xcftools Hugo proposed to work on this update |