Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 076782cd by Salvatore Bonaccorso at 2019-08-23T20:56:07Z Replace some redirected commit references for libextractor The https://gnunet.org/git/libextractor.git/commit/?id=$commit URLs now redirect to https://git.gnunet.org/libextractor.git/commit/?id=$commit, thus in case they were dropped in future reference the current location. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -34086,12 +34086,12 @@ CVE-2018-20431 (GNU Libextractor through 1.8 has a NULL Pointer Dereference vuln {DSA-4361-1 DLA-1616-1} - libextractor 1:1.8-2 (bug #917213) NOTE: https://gnunet.org/bugs/view.php?id=5494 - NOTE: https://gnunet.org/git/libextractor.git/commit/?id=489c4a540bb2c4744471441425b8932b97a153e7 + NOTE: https://git.gnunet.org/libextractor.git/commit/?id=489c4a540bb2c4744471441425b8932b97a153e7 CVE-2018-20430 (GNU Libextractor through 1.8 has an out-of-bounds read vulnerability i ...) {DSA-4361-1 DLA-1616-1} - libextractor 1:1.8-2 (bug #917214) NOTE: https://gnunet.org/bugs/view.php?id=5493 - NOTE: https://gnunet.org/git/libextractor.git/commit/?id=b405d707b36e0654900cba78e89f49779efea110 + NOTE: https://git.gnunet.org/libextractor.git/commit/?id=b405d707b36e0654900cba78e89f49779efea110 CVE-2018-20429 (libming 0.4.8 has a NULL pointer dereference in the getName function o ...) - ming <removed> NOTE: https://github.com/libming/libming/issues/160 @@ -52000,7 +52000,7 @@ CVE-2018-16430 (GNU Libextractor through 1.7 has an out-of-bounds read vulnerabi {DSA-4290-1 DLA-1501-1} - libextractor 1:1.7-1 (bug #907987) NOTE: https://gnunet.org/bugs/view.php?id=5405 - NOTE: https://gnunet.org/git/libextractor.git/commit/?id=24c8d489797499c0331f4d1039e357ece1ae98a7 + NOTE: https://git.gnunet.org/libextractor.git/commit/?id=24c8d489797499c0331f4d1039e357ece1ae98a7 CVE-2018-16429 (GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_ ...) {DLA-1866-1} - glib2.0 2.58.0-1 (low) @@ -57525,12 +57525,12 @@ CVE-2018-14347 (GNU Libextractor before 1.7 contains an infinite loop vulnerabil - libextractor 1:1.7-1 (bug #904905) NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00000.html NOTE: https://gnunet.org/bugs/view.php?id=5399 - NOTE: https://gnunet.org/git/libextractor.git/commit/?id=f033468cd36e2b8bf92d747fbd683b2ace8da394 + NOTE: https://git.gnunet.org/libextractor.git/commit/?id=f033468cd36e2b8bf92d747fbd683b2ace8da394 CVE-2018-14346 (GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_re ...) {DSA-4290-1 DLA-1478-1} - libextractor 1:1.7-1 (bug #904903) NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2018-07/msg00001.html - NOTE: https://gnunet.org/git/libextractor.git/commit/?id=ad19e7fe0adc99d5710eff1ed48d91a7b75a950e + NOTE: https://git.gnunet.org/libextractor.git/commit/?id=ad19e7fe0adc99d5710eff1ed48d91a7b75a950e CVE-2018-14345 (An issue was discovered in SDDM through 0.17.0. If configured with Reu ...) - sddm 0.18.0-1 [stretch] - sddm <not-affected> (Re-use session feature introduced in 0.16.0) @@ -94500,7 +94500,7 @@ CVE-2017-17440 (GNU Libextractor 1.6 allows remote attackers to cause a denial o [stretch] - libextractor 1:1.3-4+deb9u1 [jessie] - libextractor 1:1.3-2+deb8u1 [wheezy] - libextractor <no-dsa> (Minor issue) - NOTE: Fixed by: https://gnunet.org/git/libextractor.git/commit/?id=7cc63b001ceaf81143795321379c835486d0c92e + NOTE: Fixed by: https://git.gnunet.org/libextractor.git/commit/?id=7cc63b001ceaf81143795321379c835486d0c92e CVE-2017-17439 (In Heimdal through 7.4, remote unauthenticated attackers are able to c ...) {DSA-4055-1} - heimdal 7.5.0+dfsg-1 (bug #878144) @@ -101965,7 +101965,7 @@ CVE-2017-15922 (In GNU Libextractor 1.4, there is an out-of-bounds read in the E [stretch] - libextractor 1:1.3-4+deb9u1 [jessie] - libextractor 1:1.3-2+deb8u1 NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00008.html - NOTE: Fixed by: https://gnunet.org/git/libextractor.git/commit/?id=d4d488b0e5ab13dda241d688d87a07816368f117 + NOTE: Fixed by: https://git.gnunet.org/libextractor.git/commit/?id=d4d488b0e5ab13dda241d688d87a07816368f117 CVE-2017-15921 (In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186 ...) NOT-FOR-US: Watchdog Anti-Malware CVE-2017-15920 (In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186 ...) @@ -102760,14 +102760,14 @@ CVE-2017-15602 (In GNU Libextractor 1.4, there is an integer signedness error fo [stretch] - libextractor 1:1.3-4+deb9u1 [jessie] - libextractor 1:1.3-2+deb8u1 NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00005.html - NOTE: Fixed by https://gnunet.org/git/libextractor.git/commit/?id=ffab889c1710c7646af9ed360c796a2a0a619efc + NOTE: Fixed by https://git.gnunet.org/libextractor.git/commit/?id=ffab889c1710c7646af9ed360c796a2a0a619efc CVE-2017-15601 (In GNU Libextractor 1.4, there is a heap-based buffer overflow in the ...) {DLA-1198-1} - libextractor 1:1.6-1 (low) [stretch] - libextractor 1:1.3-4+deb9u1 [jessie] - libextractor 1:1.3-2+deb8u1 NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00006.html - NOTE: Fixed by https://gnunet.org/git/libextractor.git/commit/?id=f813535dad4ad860b989952a46266a1469801091 + NOTE: Fixed by https://git.gnunet.org/libextractor.git/commit/?id=f813535dad4ad860b989952a46266a1469801091 CVE-2017-15600 (In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EX ...) {DLA-1198-1} - libextractor 1:1.6-1 (low) @@ -102775,7 +102775,7 @@ CVE-2017-15600 (In GNU Libextractor 1.4, there is a NULL Pointer Dereference in [jessie] - libextractor 1:1.3-2+deb8u1 NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00004.html NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1501695 - NOTE: Fixed by https://gnunet.org/git/libextractor.git/commit/?id=38e8933539ee9d044057b18a971c2eae3c21aba7 + NOTE: Fixed by https://git.gnunet.org/libextractor.git/commit/?id=38e8933539ee9d044057b18a971c2eae3c21aba7 CVE-2017-15599 RESERVED CVE-2017-15598 @@ -103774,7 +103774,7 @@ CVE-2017-15267 (In GNU Libextractor 1.4, there is a NULL Pointer Dereference in NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00003.html NOTE: http://openwall.com/lists/oss-security/2017/10/11/1 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1499600 - NOTE: Fixed by: https://gnunet.org/git/libextractor.git/commit/?id=6095d7132b57fc7368fc7a40bab2a71b735724d2 + NOTE: Fixed by: https://git.gnunet.org/libextractor.git/commit/?id=6095d7132b57fc7368fc7a40bab2a71b735724d2 CVE-2017-15266 (In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTOR_wav_ex ...) {DLA-1198-1} - libextractor 1:1.6-1 (bug #878314) @@ -103783,7 +103783,7 @@ CVE-2017-15266 (In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTOR_ NOTE: http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00002.html NOTE: http://openwall.com/lists/oss-security/2017/10/11/1 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1499599 - NOTE: Fixed by: https://gnunet.org/git/libextractor.git/commit/?id=b577d5452c5c4ee9d552da62a24b95f461551fe2 + NOTE: Fixed by: https://git.gnunet.org/libextractor.git/commit/?id=b577d5452c5c4ee9d552da62a24b95f461551fe2 CVE-2017-15265 (Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 ...) {DLA-1200-1} - linux 4.13.4-2 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/076782cd9f86eddb83071186604f5e9b160ca940 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/076782cd9f86eddb83071186604f5e9b160ca940 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits