Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 747157f0 by Salvatore Bonaccorso at 2018-04-22T11:14:32+02:00 Update todo item for CVE-2018-10126 Only start tracking it with a source package once issue is clarified. Cf. http://bugzilla.maptools.org/show_bug.cgi?id=2786 the issue raises not directly in libtiff. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -390,7 +390,7 @@ CVE-2018-10128 (An issue was discovered in XYHCMS 3.5. It has XSS via the test . CVE-2018-10127 (An issue was discovered in XYHCMS 3.5. It has CSRF via an ...) NOT-FOR-US: XYHCMS CVE-2018-10126 (LibTIFF 4.0.9 has a NULL pointer dereference in the jpeg_fdct_16x16 ...) - TODO: check + TODO: check, possible invalid (for src:tiff) assignment, cf. upstream bug CVE-2018-10125 RESERVED CVE-2018-10123 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/747157f0f804fcb5ffccde2ef4b38949255c2635 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/747157f0f804fcb5ffccde2ef4b38949255c2635 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
