Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c9ae5556 by Salvatore Bonaccorso at 2020-08-25T23:31:05+02:00
nasm: Active git repository moved to GitHub
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -112763,7 +112763,7 @@ CVE-2018-19756 (There is a heap-based buffer
over-read at stb_image.h (function:
CVE-2018-19755 (There is an illegal address access at asm/preproc.c (function:
is_mmac ...)
- nasm <unfixed> (unimportant; bug #915087)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392528
- NOTE:
https://repo.or.cz/nasm.git/commit/3079f7966dbed4497e36d5067cbfd896a90358cb
+ NOTE:
https://github.com/netwide-assembler/nasm/commit/3079f7966dbed4497e36d5067cbfd896a90358cb
NOTE: Crash in CLI tool, no security impact
CVE-2018-19754 (Tarantella Enterprise before 3.11 allows bypassing Access
Control. ...)
NOT-FOR-US: Tarantella Enterprise
@@ -117328,17 +117328,17 @@ CVE-2018-19216 (Netwide Assembler (NASM) before
2.13.02 has a use-after-free in
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <ignored> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392425
- NOTE: Fix:
https://repo.or.cz/nasm.git/commitdiff/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9
+ NOTE: Fix:
https://github.com/netwide-assembler/nasm/commitdiff/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1115758#c7
CVE-2018-19215 (Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer
over-read in ...)
- nasm 2.14-1 (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392525
- NOTE:
https://repo.or.cz/nasm.git/commit/4b5b737d4991578b1918303dc0fd9c9ab5c7ce4f
+ NOTE:
https://github.com/netwide-assembler/nasm/commit/4b5b737d4991578b1918303dc0fd9c9ab5c7ce4f
NOTE: No security impact, crash in CLI tool
CVE-2018-19214 (Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer
over-read in ...)
- nasm 2.14-1 (unimportant)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392521
- NOTE:
https://repo.or.cz/nasm.git/commit/661f723d39e03ca6eb05d7376a43ca33db478354
+ NOTE:
https://github.com/netwide-assembler/nasm/commit/661f723d39e03ca6eb05d7376a43ca33db478354
NOTE: No security impact, crash in CLI tool
CVE-2018-19213 (Netwide Assembler (NASM) through 2.14rc16 has memory leaks
that may le ...)
- nasm <unfixed> (unimportant)
@@ -144947,7 +144947,7 @@ CVE-2018-8881 (Netwide Assembler (NASM) 2.13.02rc2
has a heap-based buffer over-
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <ignored> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392446
- NOTE:
https://repo.or.cz/nasm.git/commit/3144e84add8b152cc7a71e44617ce6f21daa4ba3
(nasm-2.13.02rc3)
+ NOTE:
https://github.com/netwide-assembler/nasm/commit/3144e84add8b152cc7a71e44617ce6f21daa4ba3
(nasm-2.13.02rc3)
CVE-2018-8880 (Lutron Quantum BACnet Integration 2.0 (firmware 3.2.243)
doesn't check ...)
NOT-FOR-US: Lutron Quantum BACnet Integration
CVE-2018-8879 (Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS
device ...)
@@ -160735,7 +160735,7 @@ CVE-2017-17819 (In Netwide Assembler (NASM) 2.14rc0,
there is an illegal address
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392435
- NOTE:
https://repo.or.cz/nasm.git/commit/7524cfd91492e6e3719b959498be584a9ced13af
(nasm-2.13.02rc3)
+ NOTE:
https://github.com/netwide-assembler/nasm/commit/7524cfd91492e6e3719b959498be584a9ced13af
(nasm-2.13.02rc3)
CVE-2017-17818 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based
buffer over ...)
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
@@ -160759,7 +160759,7 @@ CVE-2017-17815 (In Netwide Assembler (NASM) 2.14rc0,
there is an illegal address
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
- NOTE:
https://repo.or.cz/nasm.git/commit/c9244eaadd05b27637cde06021bac3fa1d920aa3
(nasm-2.13.02rc3)
+ NOTE:
https://github.com/netwide-assembler/nasm/commit/c9244eaadd05b27637cde06021bac3fa1d920aa3
(nasm-2.13.02rc3)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392436
CVE-2017-17814 (In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free
in do_d ...)
- nasm 2.13.02-0.1
@@ -160778,7 +160778,7 @@ CVE-2017-17812 (In Netwide Assembler (NASM) 2.14rc0,
there is a heap-based buffe
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
- NOTE:
https://repo.or.cz/nasm.git/commit/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9
(nasm-2.13.02rc3)
+ NOTE:
https://github.com/netwide-assembler/nasm/commit/9b7ee09abfd426b99aa1ea81d19a3b2818eeabf9
(nasm-2.13.02rc3)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392424
CVE-2017-17811 (In Netwide Assembler (NASM) 2.14rc0, there is a heap-based
buffer over ...)
- nasm 2.13.02-0.1
@@ -160791,7 +160791,7 @@ CVE-2017-17810 (In Netwide Assembler (NASM) 2.14rc0,
there is a "SEGV on unknown
[stretch] - nasm <no-dsa> (Minor issue)
[jessie] - nasm <no-dsa> (Minor issue)
[wheezy] - nasm <no-dsa> (Minor issue)
- NOTE:
https://repo.or.cz/nasm.git/commit/59ce1c67b16967c652765e62aa130b7e43f21dd4
(nasm-2.13.02rc3)
+ NOTE:
https://github.com/netwide-assembler/nasm/commit/59ce1c67b16967c652765e62aa130b7e43f21dd4
(nasm-2.13.02rc3)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392431
CVE-2017-17809 (In Golden Frog VyprVPN before 2.15.0.5828 for macOS, the
vyprvpnservic ...)
NOT-FOR-US: Golden Frog VyprVPN
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c9ae5556dc8c2cd7eb3975af361fb92bf762e0cf
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c9ae5556dc8c2cd7eb3975af361fb92bf762e0cf
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
