[Git][security-tracker-team/security-tracker][master] 2 commits: Add references for CVE-2017-2808/ledger

Sat, 26 Jan 2019 12:53:33 -0800 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1ed87bc3 by Salvatore Bonaccorso at 2019-01-26T20:50:00Z
Add references for CVE-2017-2808/ledger

- - - - -
acb3af08 by Salvatore Bonaccorso at 2019-01-26T20:50:50Z
Add references for CVE-2017-2807

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -115878,12 +115878,16 @@ CVE-2017-2808 (An exploitable use-after-free 
vulnerability exists in the account
        [jessie] - ledger <no-dsa> (Minor issue)
        [wheezy] - ledger <no-dsa> (Minor issue)
        NOTE: 
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0304
+       NOTE: https://github.com/ledger/ledger/issues/1723
+       NOTE: 
https://github.com/ledger/ledger/commit/f3bad93db256db07b6cb831d4d24f47543f57e4a
 CVE-2017-2807 (An exploitable buffer overflow vulnerability exists in the tag 
parsing ...)
        - ledger <unfixed> (low; bug #876660)
        [stretch] - ledger <no-dsa> (Minor issue)
        [jessie] - ledger <no-dsa> (Minor issue)
        [wheezy] - ledger <no-dsa> (Minor issue)
        NOTE: 
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0303
+       NOTE: https://github.com/ledger/ledger/issues/1722
+       NOTE: 
https://github.com/ledger/ledger/commit/5682f377aed5b0db6b6c4a44b1d8868103b7e9f7
 CVE-2017-2806 (An exploitable arbitrary read exists in the XLS parsing of the 
Lexmark ...)
        NOT-FOR-US: Lexmark Perspective Document Filters conversion 
functionality
 CVE-2017-2805 (An exploitable stack-based buffer overflow vulnerability exists 
in the ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/54eae2de5befa0fd52e5ccac08f0641bd97ebc6f...acb3af08418561ee15b5c35cffe3fe384613f597

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/54eae2de5befa0fd52e5ccac08f0641bd97ebc6f...acb3af08418561ee15b5c35cffe3fe384613f597
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to