Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
62772dfa by Salvatore Bonaccorso at 2019-03-08T12:52:29Z
Add CVE-2018-20710/yaml-cpp
The issue actually looks like a duplicate assignment of the already
present CVE-2019-6285.
Contacted MITRE about a rejecton, until properly done duplicate entry
from CVE-2019-6285 and add a note on the relation to CVE-2019-6285.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7915,7 +7915,15 @@ CVE-2018-20712 (A heap-based buffer over-read exists in
the function d_expressio
CVE-2018-20711
RESERVED
CVE-2018-20710 (The SingleDocParser::HandleFlowSequence function in yaml-cpp
(aka ...)
- TODO: check
+ - yaml-cpp <unfixed> (low; bug #919432)
+ [buster] - yaml-cpp <no-dsa> (Minor issue)
+ [stretch] - yaml-cpp <no-dsa> (Minor issue)
+ [jessie] - yaml-cpp <no-dsa> (Minor issue)
+ - yaml-cpp0.3 <removed>
+ [stretch] - yaml-cpp0.3 <no-dsa> (Minor issue)
+ [jessie] - yaml-cpp0.3 <no-dsa> (Minor issue)
+ NOTE: https://github.com/jbeder/yaml-cpp/issues/660
+ NOTE: Duplicate/related to CVE-2019-6285
CVE-2018-20709
RESERVED
CVE-2018-20708
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/62772dfa85fa98fe2a4a34a443521f7d846d05c7
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/62772dfa85fa98fe2a4a34a443521f7d846d05c7
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
