Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 877e60c3 by Salvatore Bonaccorso at 2019-01-13T15:45:52Z Add fixed version for CVE-2018-10771 and CVE-2018-10753 in unstable - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -38818,7 +38818,7 @@ CVE-2018-10772 (The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 - exiv2 <not-affected> (Vulnerable code introduced after 0.25) NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1566260 CVE-2018-10771 (Stack-based buffer overflow in the get_key function in parse.c in ...) - - abcm2ps <unfixed> (unimportant; bug #898130) + - abcm2ps 8.14.2-0.1 (unimportant; bug #898130) NOTE: https://github.com/leesavide/abcm2ps/issues/17 NOTE: https://github.com/leesavide/abcm2ps/commit/dc0372993674d0b50fedfbf7b9fad1239b8efc5f NOTE: Crash in CLI tool (neutralised by toolchain hardening), no security impact @@ -38875,7 +38875,7 @@ CVE-2018-10754 (In ncurses before 6.1.20180414, there is a NULL Pointer Derefere NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1566575 NOTE: https://invisible-island.net/ncurses/NEWS.html#t20180414 CVE-2018-10753 (Stack-based buffer overflow in the delayed_output function in music.c ...) - - abcm2ps <unfixed> (unimportant; bug #897966) + - abcm2ps 8.14.2-0.1 (unimportant; bug #897966) NOTE: https://github.com/leesavide/abcm2ps/issues/16 NOTE: https://github.com/leesavide/abcm2ps/commit/fd956e19f88ee32f8ec4aece5901400b06e80bcc NOTE: Crash in CLI tool, no security impact View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/877e60c3673061edf63ab2ee0bbad6763808dfee -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/877e60c3673061edf63ab2ee0bbad6763808dfee You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits