diff options
author | Florian Weimer <fw@deneb.enyo.de> | 2021-12-28 15:27:51 +0100 |
---|---|---|
committer | Florian Weimer <fw@deneb.enyo.de> | 2021-12-28 15:27:51 +0100 |
commit | b8ac6bc4e5bb4187752620e9d7fe03b45eb08810 (patch) | |
tree | 39f5567d42bb06421e891bbecb30a4000f77be6d /data | |
parent | 12907e70417482cba8169043f68d50a608290521 (diff) |
DSA-5032-1 djvulibre
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 6 | ||||
-rw-r--r-- | data/DSA/list | 3 | ||||
-rw-r--r-- | data/dsa-needed.txt | 2 |
3 files changed, 3 insertions, 8 deletions
diff --git a/data/CVE/list b/data/CVE/list index 75932c1192..0d23ba63a6 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -40016,7 +40016,6 @@ CVE-2021-3502 (A flaw was found in avahi 0.8-5. A reachable assertion is present CVE-2021-3500 (A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in ...) {DLA-2667-1} - djvulibre 3.5.28-2 (bug #988215) - [buster] - djvulibre <no-dsa> (Minor issue) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1943685 NOTE: Patch in Fedora (not upstream'ed): https://src.fedoraproject.org/rpms/djvulibre/c/fc359410f7131e4ea0a892ef78e6da72f29afeee.patch NOTE: https://sourceforge.net/p/djvu/djvulibre-git/ci/cd8b5c97b27a5c1dc83046498b6ca49ad20aa9b6/ (chunk #2 / Patch11) (fixed differently) @@ -148936,7 +148935,6 @@ CVE-2019-18805 (An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Lin CVE-2019-18804 (DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU:: ...) {DLA-2667-1 DLA-1985-1} - djvulibre 3.5.27.1-14 (bug #945114) - [buster] - djvulibre <no-dsa> (Minor issue) NOTE: https://sourceforge.net/p/djvu/bugs/309/ NOTE: https://sourceforge.net/p/djvu/djvulibre-git/ci/c8bec6549c10ffaa2f2fbad8bbc629efdf0dd125/ CVE-2019-18803 @@ -162515,25 +162513,21 @@ CVE-2019-15146 (GoPro GPMF-parser 1.2.2 has a heap-based buffer over-read (4 byt CVE-2019-15145 (DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack ...) {DLA-2667-1 DLA-1902-1} - djvulibre 3.5.27.1-11 (low) - [buster] - djvulibre <no-dsa> (Minor issue) NOTE: https://sourceforge.net/p/djvu/bugs/298/ NOTE: https://sourceforge.net/p/djvu/djvulibre-git/ci/9658b01431cd7ff6344d7787f855179e73fe81a7/ CVE-2019-15144 (In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate< ...) {DLA-2667-1 DLA-1902-1} - djvulibre 3.5.27.1-11 (low) - [buster] - djvulibre <no-dsa> (Minor issue) NOTE: https://sourceforge.net/p/djvu/bugs/299/ NOTE: https://sourceforge.net/p/djvu/djvulibre-git/ci/e15d51510048927f172f1bf1f27ede65907d940d/ CVE-2019-15143 (In DjVuLibre 3.5.27, the bitmap reader component allows attackers to c ...) {DLA-2667-1 DLA-1902-1} - djvulibre 3.5.27.1-11 (low) - [buster] - djvulibre <no-dsa> (Minor issue) NOTE: https://sourceforge.net/p/djvu/bugs/297/ NOTE: https://sourceforge.net/p/djvu/djvulibre-git/ci/b1f4e1b2187d9e5010cd01ceccf20b4a11ce723f/ CVE-2019-15142 (In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows a ...) {DLA-2667-1 DLA-1902-1} - djvulibre 3.5.27.1-11 (low) - [buster] - djvulibre <no-dsa> (Minor issue) NOTE: https://sourceforge.net/p/djvu/bugs/296/ NOTE: https://sourceforge.net/p/djvu/djvulibre-git/ci/970fb11a296b5bbdc5e8425851253d2c5913c45e/ CVE-2019-15141 (WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows att ...) diff --git a/data/DSA/list b/data/DSA/list index bddff9b2d3..70a190b849 100644 --- a/data/DSA/list +++ b/data/DSA/list @@ -1,3 +1,6 @@ +[28 Dec 2021] DSA-5032-1 djvulibre - security update + {CVE-2019-15142 CVE-2019-15143 CVE-2019-15144 CVE-2019-15145 CVE-2019-18804 CVE-2021-3500 CVE-2021-3630 CVE-2021-32490 CVE-2021-32491 CVE-2021-32492 CVE-2021-32493} + [buster] - djvulibre 3.5.27.1-10+deb10u1 [23 Dec 2021] DSA-5031-1 wpewebkit - security update {CVE-2021-30887 CVE-2021-30890} [bullseye] - wpewebkit 2.34.3-1~deb11u1 diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt index ca88edda2c..eac89ada5b 100644 --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -25,8 +25,6 @@ chromium -- condor -- -djvulibre (fw) --- faad2/oldstable (jmm) -- fort-validator (jmm) |