Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits: 5fb8ad55 by Thorsten Alteholz at 2019-02-25T13:09:58Z CVE-2018-18521 will be fixed in Jessie - - - - - 4a5e6ec5 by Thorsten Alteholz at 2019-02-25T13:15:42Z add link to fix for CVE-2018-18521 - - - - - b6484183 by Thorsten Alteholz at 2019-02-25T13:16:22Z CVE-2018-18520 will be fixed in Jessie - - - - - f75ca0d5 by Thorsten Alteholz at 2019-02-25T13:17:26Z add link to fix for CVE-2018-18520 - - - - - 21a3682d by Thorsten Alteholz at 2019-02-25T13:19:20Z CVE-2018-18310 will be fixed in Jessie - - - - - db989cb0 by Thorsten Alteholz at 2019-02-25T13:21:09Z add link to fix for CVE-2018-18310 - - - - - 5277f382 by Thorsten Alteholz at 2019-02-25T13:24:00Z CVE-2018-16062 will be fixed in Jessie - - - - - b4a42173 by Thorsten Alteholz at 2019-02-25T13:25:52Z CVE-2017-7613 will be fixed in Jessie - - - - - bef3b577 by Thorsten Alteholz at 2019-02-25T13:28:49Z add link to fix for CVE-2017-7613 - - - - - 13079fe5 by Thorsten Alteholz at 2019-02-25T13:32:34Z jessie will be fixed, not wheezy - - - - - bb1f8a82 by Thorsten Alteholz at 2019-02-25T13:33:32Z CVE-2017-7612 will be fixed in Jessie - - - - - ecdf90f0 by Thorsten Alteholz at 2019-02-25T13:35:35Z add link to fix for CVE-2017-7612 - - - - - 17483842 by Thorsten Alteholz at 2019-02-25T13:36:11Z CVE-2017-7611 will be fixed in Jessie - - - - - 1ea7aa08 by Thorsten Alteholz at 2019-02-25T13:37:01Z add link to fix for CVE-2017-7611 - - - - - 5941955d by Thorsten Alteholz at 2019-02-25T13:38:31Z CVE-2017-7610 will be fixed in Jessie - - - - - 6a900996 by Thorsten Alteholz at 2019-02-25T13:39:19Z add link to fix for CVE-2017-7610 - - - - - ac58483c by Thorsten Alteholz at 2019-02-25T13:41:19Z CVE-2017-7608 will be fixed in Jessie - - - - - df095d34 by Thorsten Alteholz at 2019-02-25T13:41:50Z add link to fix for CVE-2017-7608 - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -25563,15 +25563,15 @@ CVE-2018-18522 CVE-2018-18521 (Divide-by-zero vulnerabilities in the function arlib_add_symbols() in ...) - elfutils 0.175-1 (low; bug #911413) [stretch] - elfutils <no-dsa> (Minor issue) - [jessie] - elfutils <no-dsa> (Minor issue) NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23786 NOTE: https://sourceware.org/ml/elfutils-devel/2018-q4/msg00055.html + NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=2b16a9be69939822dcafe075413468daac98b327 CVE-2018-18520 (An Invalid Memory Address Dereference exists in the function elf_end in ...) - elfutils 0.175-1 (low; bug #911414) [stretch] - elfutils <no-dsa> (Minor issue) - [jessie] - elfutils <no-dsa> (Minor issue) NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23787 NOTE: https://sourceware.org/ml/elfutils-devel/2018-q4/msg00057.html + NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=22d2d082d57a7470fadc0eae67179553f4919209 CVE-2018-18519 (BestXsoftware Best Free Keylogger 5.2.9 allows local users to gain ...) NOT-FOR-US: BestXsoftware Best Free Keylogger CVE-2018-18518 @@ -26199,9 +26199,9 @@ CVE-2018-18311 (Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflo CVE-2018-18310 (An invalid memory address dereference was discovered in ...) - elfutils 0.175-1 (bug #911083) [stretch] - elfutils <no-dsa> (Minor issue) - [jessie] - elfutils <no-dsa> (Minor issue) NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23752 NOTE: https://sourceware.org/ml/elfutils-devel/2018-q4/msg00022.html + NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=20f9de9b5f704cec55df92406a50bcbcfca96acd CVE-2018-18309 (An issue was discovered in the Binary File Descriptor (BFD) library ...) [experimental] - binutils 2.31.51.20181022-1 - binutils <unfixed> @@ -32081,7 +32081,6 @@ CVE-2018-16063 CVE-2018-16062 (dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before ...) - elfutils 0.175-1 (bug #907562) [stretch] - elfutils <no-dsa> (Minor issue) - [jessie] - elfutils <no-dsa> (Minor issue) NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23541 NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=29e31978ba51c1051743a503ee325b5ebc03d7e9 CVE-2018-16061 @@ -106263,28 +106262,28 @@ CVE-2017-7614 (elflink.c in the Binary File Descriptor (BFD) library (aka libbfd NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ad32986fdf9da1c8748e47b8b45100398223dba8 CVE-2017-7613 (elflint.c in elfutils 0.168 does not validate the number of sections ...) - elfutils 0.168-1 (bug #859990) - [jessie] - elfutils <no-dsa> (Minor issue) [wheezy] - elfutils <no-dsa> (Minor issue) NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21312 NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-memory-allocation-failure-in-xcalloc-xmalloc-c/ + NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=4314716cd498bb51639db717bd7ce6182de33322 CVE-2017-7612 (The check_sysv_hash function in elflint.c in elfutils 0.168 allows ...) - elfutils 0.168-1 (bug #859991) - [jessie] - elfutils <no-dsa> (Minor issue) [wheezy] - elfutils <no-dsa> (Minor issue) NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21311 NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-check_sysv_hash-elflint-c/ + NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=61fe61898747f63eb35a81c2261f3590a3dab8fd CVE-2017-7611 (The check_symtab_shndx function in elflint.c in elfutils 0.168 allows ...) - elfutils 0.168-1 (bug #859992) - [jessie] - elfutils <no-dsa> (Minor issue) [wheezy] - elfutils <no-dsa> (Minor issue) NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21310 NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-check_symtab_shndx-elflint-c/ + NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=9a0d9d314a6342b56e3277bd7ad7ecb6e73a7d38 CVE-2017-7610 (The check_group function in elflint.c in elfutils 0.168 allows remote ...) - elfutils 0.168-1 (bug #859993) - [jessie] - elfutils <no-dsa> (Minor issue) [wheezy] - elfutils <no-dsa> (Minor issue) NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21320 NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-check_group-elflint-c/ + NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=fb6709f1a41b58a9557ea45b7f53ae678c660b21 CVE-2017-7609 (elf_compress.c in elfutils 0.168 does not validate the zlib compression ...) - elfutils 0.168-1 (bug #859994) [jessie] - elfutils <not-affected> (Vulnerable code not present) @@ -106293,10 +106292,10 @@ CVE-2017-7609 (elf_compress.c in elfutils 0.168 does not validate the zlib compr NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-memory-allocation-failure-in-__libelf_decompress-elf_compress-c/ CVE-2017-7608 (The ebl_object_note_type_name function in eblobjnotetypename.c in ...) - elfutils 0.168-1 (bug #859995) - [jessie] - elfutils <no-dsa> (Minor issue) [wheezy] - elfutils <no-dsa> (Minor issue) NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21300 NOTE: https://blogs.gentoo.org/ago/2017/04/03/elfutils-heap-based-buffer-overflow-in-ebl_object_note_type_name-eblobjnotetypename-c/ + NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=b0b58c5e0b34e54194aa042f2310af58ee7de603 CVE-2017-7607 (The handle_gnu_hash function in readelf.c in elfutils 0.168 allows ...) - elfutils 0.168-1 (bug #859996) [jessie] - elfutils <no-dsa> (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/973369c55d4e3e5124e324bff1803aa315ad3c93...df095d34495796f8590e924dd988dcc3bf13aed7 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/973369c55d4e3e5124e324bff1803aa315ad3c93...df095d34495796f8590e924dd988dcc3bf13aed7 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits