Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
da5e0880 by Salvatore Bonaccorso at 2018-09-30T12:31:01Z
Add further notes for CVE-2018-13794
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9646,6 +9646,8 @@ CVE-2018-13795 (Gravity before 0.5.1 does not support a
maximum recursion depth.
CVE-2018-13794 (A heap-based buffer overflow exists in stbi__bmp_load_cont in
...)
- catimg <unfixed> (bug #903711)
NOTE: https://github.com/posva/catimg/issues/34
+ NOTE: Upstream fixed the issue by updating the stb_image copy to v2.19.
+ NOTE: https://github.com/posva/catimg/pull/41
CVE-2018-13793 (Multiple Cross Site Request Forgery (CSRF) vulnerabilities in
the HTTP ...)
NOT-FOR-US: ABBYY FlexiCapture
CVE-2018-13792
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/da5e0880a93a67aab30b0794970a45a713211d26
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/da5e0880a93a67aab30b0794970a45a713211d26
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
