Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ced78cf2 by Salvatore Bonaccorso at 2020-04-22T06:39:43+02:00
Update information on CVE-2020-11958/re2c
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -186,7 +186,9 @@ CVE-2020-11958 (re2c 1.3 has a heap-based buffer overflow
in Scanner::fill in pa
[stretch] - re2c <not-affected> (Vulnerability introduced later)
[jessie] - re2c <not-affected> (Vulnerability introduced later)
NOTE:
http://blogs.gentoo.org/ago/2020/04/19/re2c-heap-overflow-in-scannerfill-scanner-cc/
- NOTE: Introduced in:
https://github.com/skvadrik/re2c/commit/2f3e597abce36fb7f41413373308b7f13fc98181
(1.2)
+ NOTE: Logical error introduced in:
https://github.com/skvadrik/re2c/commit/2f3e597abce36fb7f41413373308b7f13fc98181
(1.2)
+ NOTE: Vulnerability introduced in:
https://github.com/skvadrik/re2c/commit/1edd26a35457c5835afd58b8fa8330d33e7a1192
(1.2)
+ NOTE:
https://github.com/skvadrik/re2c/commit/c4603ba5ce229db83a2a4fb93e6d4b4e3ec3776a#commitcomment-38652070
NOTE: Fixed by:
https://github.com/skvadrik/re2c/commit/c4603ba5ce229db83a2a4fb93e6d4b4e3ec3776a
CVE-2020-11957
RESERVED
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ced78cf2841470395ab15ef00aca8b4b3011450f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ced78cf2841470395ab15ef00aca8b4b3011450f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
