[Git][security-tracker-team/security-tracker][master] Four curl issues fixed via unstable upload

Wed, 31 Oct 2018 23:40:09 -0700 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
10f29c72 by Salvatore Bonaccorso at 2018-11-01T06:39:24Z
Four curl issues fixed via unstable upload

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4910,19 +4910,19 @@ CVE-2018-16844
 CVE-2018-16843
        RESERVED
 CVE-2018-16842 (Curl versions 7.14.1 through 7.61.1 are vulnerable to a 
heap-based ...)
-       - curl <unfixed>
+       - curl 7.62.0-1
        NOTE: https://curl.haxx.se/docs/CVE-2018-16842.html
        NOTE: Fixed by: 
https://github.com/curl/curl/commit/d530e92f59ae9bb2d47066c3c460b25d2ffeb211
 CVE-2018-16841
        RESERVED
 CVE-2018-16840 (A heap use-after-free flaw was found in curl versions from 
7.59.0 ...)
-       - curl <unfixed>
+       - curl 7.62.0-1
        [stretch] - curl <not-affected> (Use-after-free issue introduced later)
        NOTE: https://curl.haxx.se/docs/CVE-2018-16840.html
        NOTE: Fixed by: 
https://github.com/curl/curl/commit/81d135d67155c5295b1033679c606165d4e28f3f
        NOTE: Introduced by: 
https://github.com/curl/curl/commit/b46cfbc068ebe90f18e9777b9e877e4934c1b5e3
 CVE-2018-16839 (Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer 
overrun ...)
-       - curl <unfixed>
+       - curl 7.62.0-1
        NOTE: https://curl.haxx.se/docs/CVE-2018-16839.html
        NOTE: Fixed by: 
https://github.com/curl/curl/commit/f3a24d7916b9173c69a3e0ee790102993833d6c5
 CVE-2018-16838
@@ -10454,7 +10454,7 @@ CVE-2018-14619 (A flaw was found in the crypto 
subsystem of the Linux kernel bef
        NOTE: http://www.openwall.com/lists/oss-security/2018/08/28/1
 CVE-2018-14618 (curl before version 7.61.1 is vulnerable to a buffer overrun 
in the ...)
        {DSA-4286-1 DLA-1498-1}
-       - curl <unfixed> (bug #908327)
+       - curl 7.62.0-1 (bug #908327)
        NOTE: https://curl.haxx.se/docs/CVE-2018-14618.html
        NOTE: https://github.com/curl/curl/issues/2756
        NOTE: 
https://github.com/curl/curl/commit/57d299a499155d4b327e341c6024e293b0418243



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/10f29c72cd807513bc016ec26a8411d6a4615bea

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/10f29c72cd807513bc016ec26a8411d6a4615bea
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to