[Git][security-tracker-team/security-tracker][master] stretch triage

Fri, 07 Dec 2018 12:10:30 -0800 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
023a7b50 by Moritz Muehlenhoff at 2018-12-07T20:09:18Z
stretch triage
mark sqlite3 as untermined for now, this could be entirely limited to 
Chromium's use of sqlite
  recheck once details are available

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1541,8 +1541,9 @@ CVE-2018-19657
 CVE-2018-19656
        RESERVED
 CVE-2018-19655 (A stack-based buffer overflow in the find_green() function of 
dcraw ...)
-       - ufraw 0.22-3.1 (bug #890086)
-       - dcraw 9.28-2 (bug #906529)
+       - ufraw 0.22-3.1 (unimportant; bug #890086)
+       - dcraw 9.28-2 (unimportant; bug #906529)
+       NOTE: No security impact, crash in CLI tool
 CVE-2018-19654 (An issue was discovered in Sales & Company Management 
System (SCMS) ...)
        NOT-FOR-US: Sales & Company Management System (SCMS)
 CVE-2018-19653
@@ -4607,7 +4608,8 @@ CVE-2018-19499 (Vanilla before 2.5.5 and 2.6.x before 
2.6.2 allows Remote Code .
 CVE-2018-19498
        RESERVED
 CVE-2018-19497 (In The Sleuth Kit (TSK) through 4.6.4, hfs_cat_traverse in 
tsk/fs/hfs.c ...)
-       - sleuthkit <unfixed> (bug #914796)
+       - sleuthkit <unfixed> (low; bug #914796)
+       [stretch] - sleuthkit <no-dsa> (Minor issue)
        NOTE: https://github.com/sleuthkit/sleuthkit/pull/1374
        NOTE: 
https://github.com/sleuthkit/sleuthkit/commit/bc04aa017c0bd297de8a3b7fc40ffc6ddddbb95d
 CVE-2018-19496
@@ -7776,7 +7778,7 @@ CVE-2018-18345
        - chromium 71.0.3578.80-1
 CVE-2018-18344
        RESERVED
-       - sqlite3 <unfixed>
+       - sqlite3 <undetermined>
        - chromium 71.0.3578.80-1
 CVE-2018-18343
        RESERVED



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/023a7b507343ea3133d50b66abc21c737f493aa9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/023a7b507343ea3133d50b66abc21c737f493aa9
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to