[Git][security-tracker-team/security-tracker][master] adplug bugs

Moritz Muehlenhoff Thu, 31 Oct 2019 16:12:20 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
78d8a2d5 by Moritz Muehlenhoff at 2019-10-31T23:08:55Z
adplug bugs
unoconv no-dsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4151,7 +4151,9 @@ CVE-2019-17401 (** DISPUTED ** libyal liblnk 20191006 has 
a heap-based buffer ov
        [stretch] - liblnk <no-dsa> (Minor issue)
        NOTE: https://github.com/libyal/liblnk/issues/40
 CVE-2019-17400 (The unoconv package before 0.9 mishandles untrusted pathnames, 
leading ...)
-       - unoconv 0.7-2 (bug #943561)
+       - unoconv 0.7-2 (low; bug #943561)
+       [buster] - unoconv <no-dsa> (Minor issue)
+       [stretch] - unoconv <no-dsa> (Minor issue)
        [jessie] - unoconv <no-dsa> (Minor issue)
        NOTE: https://github.com/unoconv/unoconv/pull/510
 CVE-2019-17399 (The Shack Forms Pro extension before 4.0.32 for Joomla! allows 
path tr ...)
@@ -11764,19 +11766,19 @@ CVE-2019-14694 (A use-after-free flaw in the sandbox 
container implemented in cm
 CVE-2019-14693 (Zoho ManageEngine AssetExplorer 6.2.0 is vulnerable to an XML 
External ...)
        NOT-FOR-US: Zoho ManageEngine AssetExplorer
 CVE-2019-14692 (AdPlug 2.3.1 has a heap-based buffer overflow in 
CmkjPlayer::load() in ...)
-       - adplug <unfixed>
+       - adplug <unfixed> (bug #943927)
        [buster] - adplug <no-dsa> (Minor issue)
        [stretch] - adplug <no-dsa> (Minor issue)
        [jessie] - adplug <no-dsa> (Minor issue)
        NOTE: https://github.com/adplug/adplug/issues/87
 CVE-2019-14691 (AdPlug 2.3.1 has a heap-based buffer overflow in 
CdtmLoader::load() in ...)
-       - adplug <unfixed>
+       - adplug <unfixed> (bug #943928)
        [buster] - adplug <no-dsa> (Minor issue)
        [stretch] - adplug <no-dsa> (Minor issue)
        [jessie] - adplug <no-dsa> (Minor issue)
        NOTE: https://github.com/adplug/adplug/issues/86
 CVE-2019-14690 (AdPlug 2.3.1 has a heap-based buffer overflow in 
CxadbmfPlayer::__bmf_ ...)
-       - adplug <unfixed>
+       - adplug <unfixed> (bug #943928)
        [buster] - adplug <no-dsa> (Minor issue)
        [stretch] - adplug <no-dsa> (Minor issue)
        [jessie] - adplug <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/78d8a2d5ec7ff4eb4f30a3db84f0a1c0889f27e3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/78d8a2d5ec7ff4eb4f30a3db84f0a1c0889f27e3
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] adplug bugs

Reply via email to