Update tracking for CVE-2021-36692/jpeg-xl

author: Salvatore Bonaccorso <carnil@debian.org> 2022-01-01 11:36:07 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-01-01 11:36:07 +0100
commit: 5ba3086701a22a680e47af6a4cbffd6aae786fdd (patch)
tree: e26ddc6c41af4fb4457d6637743253a0b9c5fb58
parent: 2711532ca8331ef30293ee1af12de665b06d64cb (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 301920fb81..039e5d9658 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -22574,7 +22574,10 @@ CVE-2021-36694
 CVE-2021-36693
 	RESERVED
 CVE-2021-36692 (libjxl v0.3.7 is affected by a Divide By Zero in issue in lib/extras/c ...)
-	NOT-FOR-US: libjxl
+	- jpeg-xl <not-affected> (Fixed before initial upload to Debian)
+	NOTE: https://github.com/libjxl/libjxl/issues/308
+	NOTE: https://github.com/libjxl/libjxl/pull/313
+	NOTE: https://github.com/libjxl/libjxl/commit/7dfa400ded53919d986c5d3d23446a09e0cf481b (v0.5)
 CVE-2021-36691 (libjxl v0.5.0 is affected by a Assertion failed issue in lib/jxl/image ...)
 	- jpeg-xl <unfixed>
 	NOTE: https://github.com/libjxl/libjxl/issues/422
author	Salvatore Bonaccorso <carnil@debian.org>	2022-01-01 11:36:07 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-01-01 11:36:07 +0100
commit	5ba3086701a22a680e47af6a4cbffd6aae786fdd (patch)
tree	e26ddc6c41af4fb4457d6637743253a0b9c5fb58
parent	2711532ca8331ef30293ee1af12de665b06d64cb (diff)