[Git][security-tracker-team/security-tracker][master] Various leptonlib issues fixed with 1.76.0-1 upload

Fri, 11 May 2018 12:14:59 -0700 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e82a3b6d by Salvatore Bonaccorso at 2018-05-11T21:12:47+02:00
Various leptonlib issues fixed with 1.76.0-1 upload

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -9578,7 +9578,7 @@ CVE-2018-7253 (The ParseDsdiffHeaderConfig function of 
the cli/dsdiff.c file of 
 CVE-2018-7248
        RESERVED
 CVE-2018-7247 (An issue was discovered in pixHtmlViewer in prog/htmlviewer.c 
in ...)
-       - leptonlib <unfixed> (unimportant)
+       - leptonlib 1.76.0-1 (unimportant)
        NOTE: 
https://github.com/DanBloomberg/leptonica/commit/c1079bb8e77cdd426759e466729917ca37a3ed9f
 CVE-2018-7246 (A cleartext transmission of sensitive information vulnerability 
exists ...)
        NOT-FOR-US: Schneider
@@ -18813,13 +18813,13 @@ CVE-2018-3837 (An exploitable information disclosure 
vulnerability exists in the
        NOTE: 
https://hg.libsdl.org/SDL_image/rev/2938fc80591abeae74b971cbdf966eff3213297e
        NOTE: 
https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0519
 CVE-2018-7442 (An issue was discovered in Leptonica through 1.75.3. The ...)
-       - leptonlib <unfixed> (bug #898439)
+       - leptonlib 1.76.0-1 (bug #898439)
        [stretch] - leptonlib <no-dsa> (Minor issue)
        [jessie] - leptonlib <no-dsa> (Minor issue)
        [wheezy] - leptonlib <ignored> (Minor issue)
        NOTE: https://lists.debian.org/debian-lts/2018/02/msg00086.html
 CVE-2018-7441 (Leptonica through 1.75.3 uses hardcoded /tmp pathnames, which 
might ...)
-       - leptonlib <unfixed> (unimportant)
+       - leptonlib 1.76.0-1 (unimportant)
        NOTE: https://lists.debian.org/debian-lts/2018/02/msg00054.html
        NOTE: Neutralised by kernel hardening
 CVE-2017-18196 (Leptonica 1.74.4 constructs unintended pathnames (containing 
duplicated ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e82a3b6ded0b36b68352a49612d4744b16fc9f4a

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/e82a3b6ded0b36b68352a49612d4744b16fc9f4a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to