From e6498e8745d4dfa8186cbda7f24ac06651092ae3 Mon Sep 17 00:00:00 2001 From: Moritz Muehlenhoff Date: Mon, 26 Sep 2022 16:56:54 +0200 Subject: update additional jpeg-xl issues --- data/CVE/list | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index f01c9ef9f3..96274bbb07 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -84891,9 +84891,10 @@ CVE-2021-36692 (libjxl v0.3.7 is affected by a Divide By Zero in issue in lib/ex NOTE: https://github.com/libjxl/libjxl/pull/313 NOTE: https://github.com/libjxl/libjxl/commit/7dfa400ded53919d986c5d3d23446a09e0cf481b (v0.5) CVE-2021-36691 (libjxl v0.5.0 is affected by a Assertion failed issue in lib/jxl/image ...) - - jpeg-xl + - jpeg-xl (unimportant) NOTE: https://github.com/libjxl/libjxl/issues/422 NOTE: Special case of https://github.com/libjxl/libjxl/issues/762 + NOTE: Negligible security impact CVE-2021-36690 (** DISPUTED ** A segmentation fault can occur in the sqlite3.exe comma ...) - sqlite3 3.36.0-2 (unimportant) [stretch] - sqlite3 (vulnerable code is not present) @@ -107086,7 +107087,7 @@ CVE-2021-28028 (An issue was discovered in the toodee crate before 0.3.0 for Rus CVE-2021-28027 (An issue was discovered in the bam crate before 0.1.3 for Rust. There ...) NOT-FOR-US: Rust crate bam CVE-2021-28026 (jpeg-xl v0.3.2 is affected by a heap buffer overflow in /lib/jxl/coeff ...) - - jpeg-xl (bug #948862) + - jpeg-xl (Fixed before initial release) CVE-2021-28025 RESERVED CVE-2021-28024 (Unauthorized system access in the login form in ServiceTonic Helpdesk ...) @@ -107628,7 +107629,7 @@ CVE-2021-27806 CVE-2021-27805 RESERVED CVE-2021-27804 (JPEG XL (aka jpeg-xl) through 0.3.2 allows writable memory corruption. ...) - - jpeg-xl (bug #948862) + - jpeg-xl (Fixed before initial release) CVE-2021-27802 REJECTED CVE-2021-27801 -- cgit v1.2.3