[Git][security-tracker-team/security-tracker][master] Add commit reference (pull request) for CVE-2018-100083{2,3}/zoneminder

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
476b6cd2 by Salvatore Bonaccorso at 2018-12-21T18:27:17Z
Add commit reference (pull request) for CVE-2018-100083{2,3}/zoneminder

Fixed in recent experimental upload via new upstream version 1.32.3.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -173,13 +173,19 @@ CVE-2018-1000835 (KeePassDX version <= 2.5.0.0beta17 
contains a XML External
 CVE-2018-1000834 (runelite version <= runelite-parent-1.4.23 contains a XML 
External ...)
        NOT-FOR-US: runelite
 CVE-2018-1000833 (ZoneMinder version <= 1.32.2 contains a Other/Unknown 
vulnerability in ...)
+       [experimental] - zoneminder 1.32.3-1
        - zoneminder <unfixed> (bug #917024)
        NOTE: https://0dd.zone/2018/10/28/zoneminder-Object-Injection-2/
        NOTE: https://github.com/ZoneMinder/zoneminder/issues/2272
+       NOTE: https://github.com/ZoneMinder/zoneminder/pull/2273
+       NOTE: 
https://github.com/ZoneMinder/zoneminder/commit/f790eacc92f687442ae24df7a48f54861a4518b3
 (1.32.3)
 CVE-2018-1000832 (ZoneMinder version &lt;= 1.32.2 contains a Other/Unknown 
vulnerability in ...)
+       [experimental] - zoneminder 1.32.3-1
        - zoneminder <unfixed> (bug #917024)
        NOTE: https://0dd.zone/2018/10/28/zoneminder-Object-Injection/
        NOTE: https://github.com/ZoneMinder/zoneminder/issues/2271
+       NOTE: https://github.com/ZoneMinder/zoneminder/pull/2273
+       NOTE: 
https://github.com/ZoneMinder/zoneminder/commit/f790eacc92f687442ae24df7a48f54861a4518b3
 (1.32.3)
 CVE-2018-1000831 (K9Mail version &lt;= v5.600 contains a XML External Entity 
(XXE) ...)
        NOT-FOR-US: K9Mail
 CVE-2018-1000830 (XR3Player version &lt;= V3.124 contains a XML External 
Entity (XXE) ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/476b6cd2f351f6d38c57f9b4aacebe2e4e2b3cce

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/476b6cd2f351f6d38c57f9b4aacebe2e4e2b3cce
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits