Sebastian Siewior pushed to branch master at Debian Security Tracker / security-tracker
Commits: 0800dc99 by Sebastian Andrzej Siewior at 2019-03-31T21:38:08Z Add a CVE description to the recent clamav/libclamunrar entries Signed-off-by: Sebastian Andrzej Siewior <[email protected]> - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -23207,7 +23207,7 @@ CVE-2019-1800 RESERVED CVE-2019-1799 RESERVED -CVE-2019-1798 +CVE-2019-1798 (A use-after-free condition may occur when scanning nested RAR archives.) RESERVED - libclamunrar 0.101.2-1 [stretch] - libclamunrar <not-affected> (Vulnerable code only present in 0.101.1 and 0.101.0) @@ -23231,25 +23231,25 @@ CVE-2019-1791 RESERVED CVE-2019-1790 RESERVED -CVE-2019-1789 +CVE-2019-1789 (An out-of-bounds heap read condition when scanning PE files.) RESERVED - clamav 0.101.2+dfsg-1 NOTE: https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html -CVE-2019-1788 +CVE-2019-1788 (An out-of-bounds heap write condition when scanning OLE2 files.) RESERVED - clamav 0.101.2+dfsg-1 NOTE: https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html -CVE-2019-1787 +CVE-2019-1787 (An out-of-bounds heap read condition when scanning PDF documents.) RESERVED - clamav 0.101.2+dfsg-1 NOTE: https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html -CVE-2019-1786 +CVE-2019-1786 (An out-of-bounds heap read may occur when scanning malformed PDF documents.) RESERVED - clamav 0.101.2+dfsg-1 [stretch] - clamav <not-affected> (Vulnerable code only present in 0.101.1 and 0.101.0) [jessie] - clamav <not-affected> (Vulnerable code introduced later) NOTE: https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html -CVE-2019-1785 +CVE-2019-1785 (A path-traversal write condition may occur when scanning RAR archives.) RESERVED - libclamunrar 0.101.2-1 [stretch] - libclamunrar <not-affected> (Vulnerable code only present in 0.101.1 and 0.101.0) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0800dc99199443d4841587f7afebbc47ab6728f0 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0800dc99199443d4841587f7afebbc47ab6728f0 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
