Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: ccd8ee21 by Salvatore Bonaccorso at 2018-07-12T18:51:29+02:00 Add fixed version for CVE-2018-10187 fixed via unstable - - - - - 2f12dba4 by Salvatore Bonaccorso at 2018-07-12T18:52:09+02:00 Correct commit reference for CVE-2018-10186 - - - - - 2b4f654d by Salvatore Bonaccorso at 2018-07-12T18:52:23+02:00 Add fixed version for CVE-2018-10187 fvia unstable - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -9518,19 +9518,19 @@ CVE-2018-10188 (phpMyAdmin 4.8.0 before 4.8.0-1 has CSRF, allowing an attacker t NOTE: https://www.phpmyadmin.net/security/PMASA-2018-2/ NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/c6dd6b56e236a3aff953cee4135ecaa67130e641 CVE-2018-10187 (In radare2 2.5.0, there is a heap-based buffer over-read in the ...) - - radare2 <unfixed> (low; bug #897305) + - radare2 2.6.0+dfsg-1 (low; bug #897305) [stretch] - radare2 <no-dsa> (Minor issue) [jessie] - radare2 <no-dsa> (Minor issue) [wheezy] - radare2 <no-dsa> (Minor issue) NOTE: https://github.com/radare/radare2/issues/9913 NOTE: https://github.com/radare/radare2/commit/cdb278059b7b0aaaaa2315b82d0fa6ad50433db0 CVE-2018-10186 (In radare2 2.5.0, there is a heap-based buffer over-read in the ...) - - radare2 <unfixed> (low; bug #897305) + - radare2 2.6.0+dfsg-1 (low; bug #897305) [stretch] - radare2 <no-dsa> (Minor issue) [jessie] - radare2 <no-dsa> (Minor issue) [wheezy] - radare2 <no-dsa> (Minor issue) NOTE: https://github.com/radare/radare2/issues/9915 - NOTE: https://github.com/radare/radare2/commit/86ccbf47c5146d29b9a8e9c363aa800e9e217077 + NOTE: https://github.com/radare/radare2/commit/a0348bb1b512ef27301dd7cdfb327ef5e14813fc NOTE: Before applying the fix for CVE-2018-8808 the issue is covered/differently visible CVE-2018-10185 (An issue was discovered in TuziCMS v2.0.6. There is a CSRF ...) NOT-FOR-US: TuziCMS View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/c5fa2872e1cedda774cb8224c8a15602636df7f7...2b4f654d871a5d0a4a1f6fc38fca4977ad7ea01c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/c5fa2872e1cedda774cb8224c8a15602636df7f7...2b4f654d871a5d0a4a1f6fc38fca4977ad7ea01c You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits