[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-11693: Reference the commits as merged into upstream repository

Thu, 20 Jun 2019 07:21:00 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
bbb325b0 by Salvatore Bonaccorso at 2019-06-20T14:19:12Z
CVE-2018-11693: Reference the commits as merged into upstream repository

- - - - -
4576207d by Salvatore Bonaccorso at 2019-06-20T14:19:43Z
Update fixed version for CVE-2018-11693

libsass as uploaded 3.5.4+20180621~c0a6cf3-1 was a snapshot taken from
stable git branch including the fix for CVE-2018-11693.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -55042,10 +55042,11 @@ CVE-2018-11694 (An issue was discovered in LibSass 
through 3.5.4. A NULL pointer
        NOTE: 
https://github.com/glebm/libsass/commit/e5964a7df9bdb36f2944e7289812f1057aad2c5d
        NOTE: 
https://github.com/sass/libsass/commit/c93f0581c6b7794d8c1d5637c5c4dabd591b1d57
 CVE-2018-11693 (An issue was discovered in LibSass through 3.5.4. An 
out-of-bounds rea ...)
-       - libsass 3.5.5-1 (low)
+       - libsass 3.5.4+20180621~c0a6cf3-1 (low)
        [stretch] - libsass <no-dsa> (Minor issue)
        NOTE: https://github.com/sass/libsass/issues/2661
-       NOTE: 
https://github.com/xzyfer/libsass/commit/af0e12cdf09d43dbd1fc11e3f64b244277cc1a1e
+       NOTE: 
https://github.com/sass/libsass/commit/c0a6cf39dea9b2522a08d61b731bc72dfb362584 
(3.5.5)
+       NOTE: 
https://github.com/sass/libsass/commit/b3374e3fd1a0c3658644d2bad24e4a0ff2e0dcea 
(master)
 CVE-2018-11692 (** DISPUTED ** An issue was discovered on Canon LBP6650, 
LBP3370, LBP3 ...)
        NOT-FOR-US: Canon devices
 CVE-2018-11691 (Emerson VE6046 09.0.12 devices have hardcoded admin 
credentials allowi ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/ad9c3136eb5784f7ed724fd7683a6ead1f5938f8...4576207db86df8aa3b14a6f5f472e7f851b2ee60

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/ad9c3136eb5784f7ed724fd7683a6ead1f5938f8...4576207db86df8aa3b14a6f5f472e7f851b2ee60
You're receiving this email because of your account on salsa.debian.org.


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to