Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
92554219 by Salvatore Bonaccorso at 2018-10-26T08:47:24Z
Update information on CVE-2018-12478
The issue affects the replace_using_package_version addiononal
obs-service which is not part of open-build-service itself and not
packaged in Debian.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15235,7 +15235,7 @@ CVE-2018-12479 (A Improper Input Validation
vulnerability in Open Build Service
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1108435
NOTE:
https://github.com/openSUSE/open-build-service/commit/01b015ca2a320afc4fae823465d1e72da8bd60df
CVE-2018-12478 (A Improper Input Validation vulnerability in Open Build
Service allows ...)
- - open-build-service <unfixed> (bug #911797)
+ NOT-FOR-US: obs-service replace_using_package_version
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1108280
CVE-2018-12477 (A Improper Neutralization of CRLF Sequences vulnerability in
Open ...)
NOT-FOR-US: obs-service refresh_patches
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/92554219668b01f920b7d4ae24c0e7daf8d59a98
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/92554219668b01f920b7d4ae24c0e7daf8d59a98
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
