[Git][security-tracker-team/security-tracker][master] 2 commits: NFU (confirmed by maintainer)

Wed, 18 Jul 2018 14:31:49 -0700 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
662d27f7 by Moritz Muehlenhoff at 2018-07-18T23:29:24+02:00
NFU (confirmed by maintainer)

- - - - -
fc5b408f by Moritz Muehlenhoff at 2018-07-18T23:30:37+02:00
additional znc refs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -745,10 +745,12 @@ CVE-2018-14055 (ZNC before 1.7.1-rc1 does not properly 
validate untrusted lines 
        - znc 1.7.1-1 (bug #903787)
        NOTE: 
https://github.com/znc/znc/commit/a7bfbd93812950b7444841431e8e297e62cb524e
        NOTE: 
https://github.com/znc/znc/commit/d22fef8620cdd87490754f607e7153979731c69d
+       NOTE: http://www.openwall.com/lists/oss-security/2018/07/18/4
 CVE-2018-14056 (ZNC before 1.7.1-rc1 is prone to a path traversal flaw via ../ 
in a web ...)
        {DLA-1427-1}
        - znc 1.7.1-1 (bug #903788)
        NOTE: 
https://github.com/znc/znc/commit/a4a5aeeb17d32937d8c7d743dae9a4cc755ce773
+       NOTE: http://www.openwall.com/lists/oss-security/2018/07/18/5
 CVE-2018-14053
        RESERVED
 CVE-2018-14052 (An issue has been found in libwav through 2017-04-20. It is a 
SEGV in ...)
@@ -15023,7 +15025,7 @@ CVE-2018-8358
 CVE-2018-8357
        RESERVED
 CVE-2018-8356 (A security feature bypass vulnerability exists when Microsoft 
.NET ...)
-       TODO: check, could affect mono packages
+       NOT-FOR-US: Microsoft .NET, doesn't affect src:mono
 CVE-2018-8355
        RESERVED
 CVE-2018-8354



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/4da76ea722d40f15ce0a144ff12e58f708603c35...fc5b408ff4c8c2bf4ef50a3f375166b46f09632b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/4da76ea722d40f15ce0a144ff12e58f708603c35...fc5b408ff4c8c2bf4ef50a3f375166b46f09632b
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to