Markus Koschany pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
15de3c2b by Markus Koschany at 2018-11-04T18:42:01Z
Remove mkvtoolnix from dla-needed.txt again.
On closer inspection the vulnerable code is not present
- - - - -
7ff8e6ff by Markus Koschany at 2018-11-04T18:45:57Z
CVE-2018-4022,mkvtoolnix: Jessie is not affected.
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -39753,6 +39753,7 @@ CVE-2018-4023
RESERVED
CVE-2018-4022 (A use-after-free vulnerability exists in the way MKVToolNix
MKVINFO ...)
- mkvtoolnix 28.2.0-1
+ [jessie] - mkvtoolnix <not-affected> (vulnerable code is not present)
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2018-0694
NOTE:
https://gitlab.com/mbunkus/mkvtoolnix/commit/43021d16c7bcd3f9f70214827755a5163782b633
CVE-2018-4021
=====================================
data/dla-needed.txt
=====================================
@@ -54,8 +54,6 @@ linux (Ben Hutchings)
--
linux-4.9 (Ben Hutchings)
--
-mkvtoolnix
---
mysql-5.5 (Roberto C. Sánchez)
--
nsis (Thorsten Alteholz)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/16bef75eaa2e60f06fb43c7683ebb0acf07380f5...7ff8e6ff52a1cbf80dc381ac0fc78b06efced497
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/16bef75eaa2e60f06fb43c7683ebb0acf07380f5...7ff8e6ff52a1cbf80dc381ac0fc78b06efced497
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
