Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
00e0e1de by Salvatore Bonaccorso at 2020-01-28T22:32:20+01:00
Remove one no-dsa tagged entry which got an update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -110564,7 +110564,6 @@ CVE-2018-1000036 (In MuPDF 1.12.0 and earlier,
multiple memory leaks in the PDF
CVE-2018-1000035 (A heap-based buffer overflow exists in Info-Zip UnZip
version <= 6. ...)
- unzip 6.0-22 (bug #889838)
[stretch] - unzip 6.0-21+deb9u1
- [jessie] - unzip <no-dsa> (Harmless crash, builds with fortified source)
[wheezy] - unzip <no-dsa> (Harmless crash, builds with fortified source)
NOTE:
https://www.sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html
NOTE: Patch used in openSUSE:Factory/unzip:
https://bugzilla.suse.com/attachment.cgi?id=759406
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/00e0e1de97851e7ddd1a1f6260a635240facefa3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/00e0e1de97851e7ddd1a1f6260a635240facefa3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
