Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 624d8fee by Salvatore Bonaccorso at 2019-03-22T20:27:18Z Add reference to upstream commit for CVE-2018-17937/gpsd Upstream project is not very transparent here to mention which are the needed fixes. The issue is both present in gpsd and microjson and correlating both projects and the information from https://ics-cert.us-cert.gov/advisories/ICSA-18-310-01 leads to http://git.savannah.nongnu.org/cgit/gpsd.git/commit/?id=7646cbd04055a50b157312ba6b376e88bd398c19 - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -30348,6 +30348,8 @@ CVE-2018-17938 (Zimbra Collaboration before 8.8.10 GA allows text content spoofi CVE-2018-17937 (gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open ...) [experimental] - gpsd 3.18.1-1 - gpsd <unfixed> + NOTE: http://git.savannah.nongnu.org/cgit/gpsd.git/commit/?id=7646cbd04055a50b157312ba6b376e88bd398c19 + TODO: check if more commits needed CVE-2018-17936 (NUUO CMS All versions 3.3 and prior the application allows the upload ...) NOT-FOR-US: NUUO CMS CVE-2018-17935 (All versions of Telecrane F25 Series Radio Controls before 00.0A use f ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/624d8fee67d97fc67b58cebae37c71ebf680b5c9 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/624d8fee67d97fc67b58cebae37c71ebf680b5c9 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
