Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
02085205 by Salvatore Bonaccorso at 2019-01-08T06:45:40Z
CVE-2018-20187/botan: reference commit instead of merge commit
- - - - -
fce7721a by Salvatore Bonaccorso at 2019-01-08T06:46:49Z
Add botan1.10 for CVE-2018-20187
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5920,8 +5920,9 @@ CVE-2018-20188 (FUEL CMS 1.4.3 has CSRF via users/create/
to add an administrato
NOT-FOR-US: FUEL CMS
CVE-2018-20187 [Timing side channel during ECC key generation could leak
information...]
- botan <unfixed>
+ - botan1.10 <not-affected> (Vulnerable code introduced in 1.10.20)
NOTE: https://github.com/randombit/botan/pull/1792
- NOTE:
https://github.com/randombit/botan/commit/d52602d9b2be7d74bd2e9251e203f4cae513293f
+ NOTE:
https://github.com/randombit/botan/commit/70aa7303acfff9eefc24598c289a84db3579ebd1
CVE-2018-20186 (An issue was discovered in Bento4 1.5.1-627.
AP4_Sample::ReadData in ...)
NOT-FOR-US: Bento4
CVE-2018-20185 (In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit
platforms, there ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/87072c07a9e204866d6c799bb92bd03af8f77733...fce7721a322a850c950bd00f1a4f0154fbb14898
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/87072c07a9e204866d6c799bb92bd03af8f77733...fce7721a322a850c950bd00f1a4f0154fbb14898
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
