Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6775b088 by Salvatore Bonaccorso at 2018-11-18T17:00:25Z
CVE-2018-16382/nasm fixed in unstable via 2.14-1 upload
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7625,8 +7625,10 @@ CVE-2018-16384 (A SQL injection bypass (aka PL1 bypass)
exists in OWASP ModSecur
CVE-2018-16383
RESERVED
CVE-2018-16382 (Netwide Assembler (NASM) 2.14rc15 has a buffer over-read in
...)
- - nasm <unfixed> (unimportant; bug #907866)
+ - nasm 2.14-1 (unimportant; bug #907866)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392503
+ NOTE: Duplicate of/relate to
https://bugzilla.nasm.us/show_bug.cgi?id=3392447
+ NOTE:
https://github.com/netwide-assembler/nasm/commit/3c755dac88039b718d52ef56e8f74b5f65f3b55b
NOTE: Crash in CLI tool, no security impact
CVE-2018-16381 (e107 2.1.8 has XSS via the
e107_admin/users.php?mode=main&action=list ...)
NOT-FOR-US: e107
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6775b088212c90e172387821c15381e58fdfabc0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/6775b088212c90e172387821c15381e58fdfabc0
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
