Update tracking for CVE-2021-36692/jpeg-xl

author: Salvatore Bonaccorso <carnil@debian.org> 2022-01-01 11:36:07 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2022-01-01 11:36:07 +0100
commit: b1096d0fe94409f4c223582254b1f49a410b5b54 (patch)
tree: b5dab5f8e8da41ce80851e33fa460c2bf2f9d615
parent: 450e297b1219e2816755e0eb0f93fde3cf2846fa (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 301920fb81..039e5d9658 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -22574,7 +22574,10 @@ CVE-2021-36694
 CVE-2021-36693
 	RESERVED
 CVE-2021-36692 (libjxl v0.3.7 is affected by a Divide By Zero in issue in lib/extras/c ...)
-	NOT-FOR-US: libjxl
+	- jpeg-xl <not-affected> (Fixed before initial upload to Debian)
+	NOTE: https://github.com/libjxl/libjxl/issues/308
+	NOTE: https://github.com/libjxl/libjxl/pull/313
+	NOTE: https://github.com/libjxl/libjxl/commit/7dfa400ded53919d986c5d3d23446a09e0cf481b (v0.5)
 CVE-2021-36691 (libjxl v0.5.0 is affected by a Assertion failed issue in lib/jxl/image ...)
 	- jpeg-xl <unfixed>
 	NOTE: https://github.com/libjxl/libjxl/issues/422
author	Salvatore Bonaccorso <carnil@debian.org>	2022-01-01 11:36:07 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2022-01-01 11:36:07 +0100
commit	b1096d0fe94409f4c223582254b1f49a410b5b54 (patch)
tree	b5dab5f8e8da41ce80851e33fa460c2bf2f9d615
parent	450e297b1219e2816755e0eb0f93fde3cf2846fa (diff)