Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
62946a39 by Sylvain Beucler at 2019-04-10T13:31:59Z
ncurses/CVE-2018-19217: semi-duplicate bug report has working POC
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -29813,7 +29813,8 @@ CVE-2018-19218 (In LibSass 3.5-stable, there is an
illegal address access at Sas
CVE-2018-19217 (In ncurses 6.1, there is a NULL pointer dereference at the
function _n ...)
- ncurses <undetermined>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1643753
- NOTE: On Jessie the POC does not trigger a segfault.
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1643754
+ NOTE: On Jessie poc0 does not trigger a segfault, poc1 does (with both
5.9 and recompiled 6.1)
CVE-2018-19216 (Netwide Assembler (NASM) before 2.13.02 has a use-after-free
in detoke ...)
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/62946a392ad6aa2a26eaca0eb84a372d5412a6ba
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/62946a392ad6aa2a26eaca0eb84a372d5412a6ba
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
