[Git][security-tracker-team/security-tracker][master] CVE-2018-14036/accountsservice assigned

Fri, 13 Jul 2018 05:21:01 -0700 

Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9852a094 by Emilio Pozuelo Monfort at 2018-07-13T14:19:54+02:00
CVE-2018-14036/accountsservice assigned

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,6 +1,13 @@
 CVE-2018-XXXX [double free in MP4v2]
        - mp4v2 <unfixed>
        NOTE: http://www.openwall.com/lists/oss-security/2018/07/13/1
+CVE-2018-14036 [accountservice: insufficient path check in 
user_change_icon_file_authorized_cb()]
+       - accountsservice <unfixed> (low)
+       [stretch] - accountsservice <no-dsa> (Minor issue)
+       [jessie] - accountsservice <ignored> (Minor issue)
+       NOTE: http://www.openwall.com/lists/oss-security/2018/07/02/2
+       NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=107085
+       NOTE: 
https://cgit.freedesktop.org/accountsservice/commit/?id=f9abd359f71a5bce421b9ae23432f539a067847a
 CVE-2018-14035 (An issue was discovered in the HDF HDF5 1.8.20 library. There 
is a ...)
        TODO: check
 CVE-2018-14034 (An issue was discovered in the HDF HDF5 1.8.20 library. There 
is an out ...)
@@ -2105,13 +2112,6 @@ CVE-2018-13046
        RESERVED
 CVE-2018-13045
        RESERVED
-CVE-2018-XXXX [accountservice: insufficient path check in 
user_change_icon_file_authorized_cb()]
-       - accountsservice <unfixed> (low)
-       [stretch] - accountsservice <no-dsa> (Minor issue)
-       [jessie] - accountsservice <ignored> (Minor issue)
-       NOTE: http://www.openwall.com/lists/oss-security/2018/07/02/2
-       NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=107085
-       NOTE: 
https://cgit.freedesktop.org/accountsservice/commit/?id=f9abd359f71a5bce421b9ae23432f539a067847a
 CVE-2018-13054 (An issue was discovered in Cinnamon 1.9.2 through 3.8.6. The 
...)
        - cinnamon <unfixed> (bug #903201)
        [stretch] - cinnamon <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9852a09467bc09bc63caff31d21aa740c5d84054

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/9852a09467bc09bc63caff31d21aa740c5d84054
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to