[Git][security-tracker-team/security-tracker][master] ledger fixed

Moritz Muehlenhoff Wed, 06 Feb 2019 03:57:43 -0800

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
8b1c1c13 by Moritz Muehlenhoff at 2019-02-06T11:56:56Z
ledger fixed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -87387,7 +87387,7 @@ CVE-2017-12484
 CVE-2017-12483
        RESERVED
 CVE-2017-12482 (The ledger::parse_date_mask_routine function in times.cc in 
Ledger ...)
-       - ledger <unfixed> (low; bug #870900)
+       - ledger 3.1.2+dfsg1-1 (low; bug #870900)
        [stretch] - ledger <no-dsa> (Minor issue)
        [jessie] - ledger <no-dsa> (Minor issue)
        [wheezy] - ledger <no-dsa> (Minor issue)
@@ -87395,7 +87395,7 @@ CVE-2017-12482 (The ledger::parse_date_mask_routine 
function in times.cc in Ledg
        NOTE: https://github.com/ledger/ledger/issues/1224
        NOTE: 
https://github.com/ledger/ledger/commit/7c0ae5b02571e21f97d45f5d091cb78af9885713
 CVE-2017-12481 (The find_option function in option.cc in Ledger 3.1.1 allows 
remote ...)
-       - ledger <unfixed> (low; bug #870900)
+       - ledger 3.1.2+dfsg1-1 (low; bug #870900)
        [stretch] - ledger <no-dsa> (Minor issue)
        [jessie] - ledger <no-dsa> (Minor issue)
        [wheezy] - ledger <no-dsa> (Minor issue)
@@ -117339,7 +117339,7 @@ CVE-2017-2810 (An exploitable vulnerability exists in 
the Databook loading ...)
 CVE-2017-2809 (An exploitable vulnerability exists in the yaml loading 
functionality ...)
        NOT-FOR-US: Ansible Vault
 CVE-2017-2808 (An exploitable use-after-free vulnerability exists in the 
account ...)
-       - ledger <unfixed> (low; bug #876659)
+       - ledger 3.1.2+dfsg1-1 (low; bug #876659)
        [stretch] - ledger <no-dsa> (Minor issue)
        [jessie] - ledger <no-dsa> (Minor issue)
        [wheezy] - ledger <no-dsa> (Minor issue)
@@ -117347,7 +117347,7 @@ CVE-2017-2808 (An exploitable use-after-free 
vulnerability exists in the account
        NOTE: https://github.com/ledger/ledger/issues/1723
        NOTE: 
https://github.com/ledger/ledger/commit/f3bad93db256db07b6cb831d4d24f47543f57e4a
 CVE-2017-2807 (An exploitable buffer overflow vulnerability exists in the tag 
parsing ...)
-       - ledger <unfixed> (low; bug #876660)
+       - ledger 3.1.2+dfsg1-1 (low; bug #876660)
        [stretch] - ledger <no-dsa> (Minor issue)
        [jessie] - ledger <no-dsa> (Minor issue)
        [wheezy] - ledger <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/8b1c1c13befc82e6f998114e71a692d7ea7ad6b9

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/8b1c1c13befc82e6f998114e71a692d7ea7ad6b9
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] ledger fixed

Reply via email to