CVE-2021-33293

Name	CVE-2021-33293
Description	Panorama Tools libpano13 v2.9.20 was discovered to contain an out-of-bounds read in the function panoParserFindOLine() in parser.c.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DLA-2957-1
Debian Bugs	1008024

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
libpano13 (PTS)	bullseye	2.9.20~rc3+dfsg-1	vulnerable
	bookworm	2.9.21+dfsg-3	fixed
	sid, trixie	2.9.22+dfsg-1.1	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Origin	Debian Bugs
libpano13	source	experimental	2.9.21~rc1+dfsg-1
libpano13	source	stretch	2.9.19+dfsg-2+deb9u2	DLA-2957-1
libpano13	source	(unstable)	2.9.21+dfsg-2		1008024

Notes

[bullseye] - libpano13 <no-dsa> (Minor issue)
[buster] - libpano13 <no-dsa> (Minor issue)
https://groups.google.com/u/1/g/hugin-ptx/c/gLtz2vweD74
Fixed by: https://sourceforge.net/p/panotools/libpano13/ci/62aa7eed8fae5d8f247a2508a757f31000de386f/