diff options
| author | Moritz Muehlenhoff <jmm@debian.org> | 2020-08-29 19:26:34 +0200 |
|---|---|---|
| committer | Moritz Muehlenhoff <jmm@debian.org> | 2020-08-29 19:26:59 +0200 |
| commit | f95756e4844fe46333dcdf72d25b48218654a395 (patch) | |
| tree | bfc52bd484c2efe7d0e69ea6bcbfe13da40745a9 /data | |
| parent | 51fd398f27c09992523fc460da6e8cb2e5947156 (diff) | |
thunderbird, lilypond, openexr DSAs
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list | 4 | ||||
| -rw-r--r-- | data/DSA/list | 9 | ||||
| -rw-r--r-- | data/dsa-needed.txt | 6 |
3 files changed, 9 insertions, 10 deletions
diff --git a/data/CVE/list b/data/CVE/list index 4e89b36ccf..7be62b76a6 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -196440,7 +196440,6 @@ CVE-2017-9116 (In OpenEXR 2.2.0, an invalid read of size 1 in the uncompress fun NOTE: https://github.com/openexr/openexr/issues/232 CVE-2017-9115 (In OpenEXR 2.2.0, an invalid write of size 2 in the = operator functio ...) - openexr <unfixed> (bug #873885) - [buster] - openexr <no-dsa> (Minor issue) [stretch] - openexr <no-dsa> (Minor issue) [jessie] - openexr <no-dsa> (Minor issue) [wheezy] - openexr <no-dsa> (Minor issue) @@ -196448,7 +196447,6 @@ CVE-2017-9115 (In OpenEXR 2.2.0, an invalid write of size 2 in the = operator fu NOTE: https://github.com/openexr/openexr/issues/232 CVE-2017-9114 (In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in ...) - openexr <unfixed> (bug #873885) - [buster] - openexr <no-dsa> (Minor issue) [stretch] - openexr <no-dsa> (Minor issue) [jessie] - openexr <no-dsa> (Minor issue) [wheezy] - openexr <no-dsa> (Minor issue) @@ -196456,7 +196454,6 @@ CVE-2017-9114 (In OpenEXR 2.2.0, an invalid read of size 1 in the refill functio NOTE: https://github.com/openexr/openexr/issues/232 CVE-2017-9113 (In OpenEXR 2.2.0, an invalid write of size 1 in the bufferedReadPixels ...) - openexr <unfixed> (low; bug #873885) - [buster] - openexr <no-dsa> (Minor issue) [stretch] - openexr <no-dsa> (Minor issue) [jessie] - openexr <no-dsa> (Minor issue) [wheezy] - openexr <no-dsa> (Minor issue) @@ -196471,7 +196468,6 @@ CVE-2017-9112 (In OpenEXR 2.2.0, an invalid read of size 1 in the getBits functi NOTE: https://github.com/openexr/openexr/issues/232 CVE-2017-9111 (In OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function ...) - openexr <unfixed> (bug #873885) - [buster] - openexr <no-dsa> (Minor issue) [stretch] - openexr <no-dsa> (Minor issue) [jessie] - openexr <no-dsa> (Minor issue) [wheezy] - openexr <no-dsa> (Minor issue) diff --git a/data/DSA/list b/data/DSA/list index a1ca43589d..c27a389868 100644 --- a/data/DSA/list +++ b/data/DSA/list @@ -1,3 +1,12 @@ +[29 Aug 2020] DSA-4756-1 lilypond - security update + {CVE-2020-17353} + [buster] - lilypond 2.19.81+really-2.18.2-13+deb10u1 +[29 Aug 2020] DSA-4755-1 openexr - security update + {CVE-2017-9111 CVE-2017-9113 CVE-2017-9114 CVE-2017-9115 CVE-2020-11758 CVE-2020-11759 CVE-2020-11760 CVE-2020-11761 CVE-2020-11762 CVE-2020-11763 CVE-2020-11764 CVE-2020-11765 CVE-2020-15305 CVE-2020-15306} + [buster] - openexr 2.2.1-4.1+deb10u1 +[29 Aug 2020] DSA-4754-1 thunderbird - security update + {CVE-2020-15664 CVE-2020-15669} + [buster] - thunderbird 1:68.12.0-1~deb10u1 [29 Aug 2020] DSA-4753-1 mupdf - security update {CVE-2019-13290} [buster] - mupdf 1.14.0+ds1-4+deb10u1 diff --git a/data/dsa-needed.txt b/data/dsa-needed.txt index e6521455cd..7b85fc1d7f 100644 --- a/data/dsa-needed.txt +++ b/data/dsa-needed.txt @@ -22,20 +22,14 @@ curl (ghedo) knot-resolver Santiago Ruano Rincón proposed a debdiff for review -- -lilypond (jmm) --- linux (carnil) Wait until more issues have piled up -- -openexr (jmm) --- rails (jmm) Sylvain Beucler proposed to help for the update, remaining CVEs to be done -- teeworlds (jmm) -- -thunderbird (jmm) --- xcftools Hugo proposed to work on this update -- |