[Git][security-tracker-team/security-tracker][master] Two mruby issues fixed in unstable

Thu, 19 Apr 2018 20:30:03 -0700 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
cf080ca5 by Salvatore Bonaccorso at 2018-04-20T05:28:44+02:00
Two mruby issues fixed in unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -104,7 +104,7 @@ CVE-2018-1000160 (RisingStack protect version 1.2.0 and 
earlier contains a Cross
 CVE-2018-1000158 (cmsmadesimple version 2.2.7 contains a Incorrect Access 
Control ...)
        NOT-FOR-US: CMS Made Simple
 CVE-2018-10199 (In versions of mruby up to and including 1.4.0, a 
use-after-free ...)
-       - mruby <unfixed> (bug #896021)
+       - mruby 1.4.0+20180418+git54905e98-1 (bug #896021)
        NOTE: https://github.com/mruby/mruby/issues/4001
        NOTE: 
https://github.com/mruby/mruby/commit/b51b21fc63c9805862322551387d9036f2b63433
 CVE-2018-10193 (LogMeIn LastPass through 4.9.1 allows remote attackers to 
cause a ...)
@@ -112,7 +112,7 @@ CVE-2018-10193 (LogMeIn LastPass through 4.9.1 allows 
remote attackers to cause 
 CVE-2018-10192 (IPVanish 3.0.11 for macOS suffers from a root privilege 
escalation ...)
        NOT-FOR-US: IPVanish for macOS
 CVE-2018-10191 (In versions of mruby up to and including 1.4.0, an integer 
overflow ...)
-       - mruby <unfixed> (bug #896020)
+       - mruby 1.4.0+20180418+git54905e98-1 (bug #896020)
        NOTE: https://github.com/mruby/mruby/issues/3995
        NOTE: 
https://github.com/mruby/mruby/commit/1905091634a6a2925c911484434448e568330626
 CVE-2018-10190 (A vulnerability in London Trust Media Private Internet Access 
(PIA) VPN ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/cf080ca54193119a2e5d7a83f2e3f2489c99d150

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/cf080ca54193119a2e5d7a83f2e3f2489c99d150
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to