Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
026be24d by Salvatore Bonaccorso at 2018-04-14T15:22:49+02:00
Add new perl issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -8224,8 +8224,12 @@ CVE-2017-18176 (Progress Sitefinity 9.1 has XSS via file 
upload, because JavaScr
        NOT-FOR-US: Progress Sitefinity
 CVE-2017-18175 (Progress Sitefinity 9.1 has XSS via the Content Management 
Template ...)
        NOT-FOR-US: Progress Sitefinity
-CVE-2018-6913
+CVE-2018-6913 [heap-buffer-overflow in S_pack_rec]
        RESERVED
+       - perl <unfixed>
+       NOTE: https://rt.perl.org/Public/Bug/Display.html?id=13184
+       NOTE: maint-5.26: 
https://perl5.git.perl.org/perl.git/commitdiff/0fcf83230df5f8c52602ae22fde57c7ea885534d
+       NOTE: maint-5.24: 
https://perl5.git.perl.org/perl.git/commitdiff/a9d5c6e11891b48be06d4e06eeed18642bc98527
 CVE-2018-6912 (The decode_plane function in libavcodec/utvideodec.c in FFmpeg 
through ...)
        - ffmpeg <unfixed> (low)
        [stretch] - ffmpeg <postponed> (Wait for next 3.2.x release)
@@ -8495,10 +8499,22 @@ CVE-2018-6799 (The AcquireCacheNexus function in 
magick/pixel_cache.c in ...)
        - graphicsmagick 1.3.28-1
        NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/b41e2efce6d3
        NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/d30ed06e9b87
-CVE-2018-6798
-       RESERVED
-CVE-2018-6797
-       RESERVED
+CVE-2018-6798 [Heap-buffer-overflow in Perl__byte_dump_string (utf8.c)]
+       RESERVED
+       - perl <unfixed>
+       [jessie] - perl <not-affected> (Issue introduced later)
+       NOTE: https://rt.perl.org/Public/Bug/Display.html?id=132063
+       NOTE: maint-5.26: 
https://perl5.git.perl.org/perl.git/commitdiff/8e6f44c90c7fa1f63c19a44c45482b09a407e15b
+       NOTE: maint-5.26: 
https://perl5.git.perl.org/perl.git/commitdiff/8b80ce67ff257aaa36e47eaf4194d27a51595524
+       NOTE: maint-5.24: 
https://perl5.git.perl.org/perl.git/commitdiff/0abf1e8d89aecd32dbdabda5da4d52a2d57a7cff
+       NOTE: maint-5.24: 
https://perl5.git.perl.org/perl.git/commitdiff/f65da1ca2eee74696d9c120e9d69af37b4fa1920
+CVE-2018-6797 [heap-buffer-overflow (WRITE of size 1) in S_regatom (regcomp.c)]
+       RESERVED
+       - perl <unfixed>
+       [jessie] - perl <ignored> (Backport of fixes too intrusive and risky 
for regressions)
+       NOTE: https://rt.perl.org/Public/Bug/Display.html?id=132227
+       NOTE: maint-5.26: 
https://perl5.git.perl.org/perl.git/commitdiff/abe1e6c568b96bcb382dfa4f61c56d1ab001ea51
+       NOTE: maint-5.24: 
https://perl5.git.perl.org/perl.git/commitdiff/510cc261d965ccfa427900ebb368fc4d337442d2
 CVE-2018-6796 (PHP Scripts Mall Multilanguage Real Estate MLM Script 3.0 has 
Stored ...)
        NOT-FOR-US: PHP Scripts Mall Multilanguage Real Estate MLM Script
 CVE-2018-6795 (PHP Scripts Mall Naukri Clone Script 3.0.3 has Stored XSS via 
every ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/026be24d0706c6edc624dac57107018bf3910fa0

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/026be24d0706c6edc624dac57107018bf3910fa0
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to