There are 2 open security issues in buster.
2 issues left for the package maintainer to handle:
- CVE-2020-29394: (needs triaging)
  A buffer overflow in the dlt_filter_load function in dlt_common.c from dlt-daemon through 2.18.5 (GENIVI Diagnostic Log and Trace) allows arbitrary code execution because fscanf is misused (no limit on the number of characters to be read in the format argument).
- CVE-2020-36244: (needs triaging)
  The daemon in GENIVI Diagnostic Log and Trace (DLT) before 2.18.6 has a heap-based buffer overflow in dlt_buffer_write_block in shared/dlt_common.c.
You can find information about how to handle these issues in the security team's documentation.