Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 5ec228f8 by Salvatore Bonaccorso at 2018-08-05T10:39:57Z Add note on CVE-2017-7893 Asked upstream on where the fix lies and more details in the upstrema issue at https://github.com/saltstack/salt/issues/48939 . - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -68928,7 +68928,8 @@ CVE-2017-7894 (WinDjView 2.1 might allow user-assisted attackers to execute code CVE-2017-7893 (In SaltStack Salt before 2016.3.6, compromised salt-minions can ...) - salt <undetermined> NOTE: https://docs.saltstack.com/en/2017.7/topics/releases/2016.3.6.html - TODO: check, pinpoint fixing version, check with maintainers on issue + NOTE: https://github.com/saltstack/salt/issues/48939 + TODO: check, pinpoint fixing version, check with maintainers on issue, upstream asked CVE-2017-7892 (Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a ...) - capnproto 0.6.1-1 (unimportant; bug #860960) NOTE: https://github.com/sandstorm-io/capnproto/blob/master/security-advisories/2017-04-17-0-apple-clang-elides-bounds-check.md View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5ec228f8eb84d0bac665ee809bc769e59ca6ccbb -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5ec228f8eb84d0bac665ee809bc769e59ca6ccbb You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
