summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorThorsten Alteholz <debian@alteholz.de>2022-01-27 23:40:31 +0100
committerThorsten Alteholz <debian@alteholz.de>2022-01-27 23:40:31 +0100
commitda20372b10186c40c2ee6176c737024899982602 (patch)
treefabd3ee88b7bccc89704155bc9309c0bba5840f8
parent81b9a54a95c6de92f484828cb2fc6470d857cc18 (diff)
Reserve DLA-2902-1 for graphicsmagick
Diffstat
-rw-r--r--data/CVE/list.20201
-rw-r--r--data/DLA/list3
2 files changed, 3 insertions, 1 deletions
diff --git a/data/CVE/list.2020 b/data/CVE/list.2020
index 974705f448..91190490d6 100644
--- a/data/CVE/list.2020
+++ b/data/CVE/list.2020
@@ -42890,7 +42890,6 @@ CVE-2020-12672 (GraphicsMagick through 1.3.35 has a heap-based buffer overflow i
{DLA-2236-1}
- graphicsmagick 1.4+really1.3.35-2 (bug #960000)
[buster] - graphicsmagick <postponed> (Minor issue; can be fixed along in future DSA)
- [stretch] - graphicsmagick <postponed> (Minor issue; can be fixed along in future DSA)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19025
NOTE: Fixed by: https://sourceforge.net/p/graphicsmagick/code/ci/50395430a37188d0d197e71bd85ed6dd0f649ee3/
CVE-2020-12671
diff --git a/data/DLA/list b/data/DLA/list
index dbe0698ef9..3765a047d4 100644
--- a/data/DLA/list
+++ b/data/DLA/list
@@ -1,3 +1,6 @@
+[27 Jan 2022] DLA-2902-1 graphicsmagick - security update
+ {CVE-2020-12672}
+ [stretch] - graphicsmagick 1.3.30+hg15796-1~deb9u5
[26 Jan 2022] DLA-2883-2 uriparser - regression update
{CVE-2021-46141}
[stretch] - uriparser 0.8.4-1+deb9u4

© 2014-2024 Faster IT GmbH | imprint | privacy policy