[Git][security-tracker-team/security-tracker][master] automatic update

Sun, 31 Oct 2021 01:10:34 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
82a20e65 by security tracker role at 2021-10-31T08:10:18+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -175186,7 +175186,7 @@ CVE-2019-7667 (Prima Systems FlexAir, Versions 2.3.38 
and prior. The application
 CVE-2019-7666 (Prima Systems FlexAir, Versions 2.3.38 and prior. The 
application allo ...)
        NOT-FOR-US: Prima Systems FlexAir devices
 CVE-2019-7665 (In elfutils 0.175, a heap-based buffer over-read was discovered 
in the ...)
-       {DLA-1689-1}
+       {DLA-2802-1 DLA-1689-1}
        - elfutils 0.176-1 (low; bug #921880)
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24089
        NOTE: https://sourceware.org/ml/elfutils-devel/2019-q1/msg00049.html
@@ -176765,7 +176765,7 @@ CVE-2019-7151 (A NULL pointer dereference was 
discovered in wasm::Module::getFun
        NOTE: 
https://github.com/WebAssembly/binaryen/commit/2127e64f42da55bb5b9b0ab1995b3ca7fc4e0d0b
        NOTE: 
https://github.com/WebAssembly/binaryen/commit/85e95e315a8023c46eb804fe80ebc244bcfdae3e
 CVE-2019-7150 (An issue was discovered in elfutils 0.175. A segmentation fault 
can oc ...)
-       {DLA-1689-1}
+       {DLA-2802-1 DLA-1689-1}
        - elfutils 0.176-1 (low; bug #920909)
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24103
        NOTE: https://sourceware.org/ml/elfutils-devel/2019-q1/msg00070.html
@@ -199110,13 +199110,13 @@ CVE-2018-18523
 CVE-2018-18522
        RESERVED
 CVE-2018-18521 (Divide-by-zero vulnerabilities in the function 
arlib_add_symbols() in  ...)
-       {DLA-1689-1}
+       {DLA-2802-1 DLA-1689-1}
        - elfutils 0.175-1 (low; bug #911413)
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23786
        NOTE: https://sourceware.org/ml/elfutils-devel/2018-q4/msg00055.html
        NOTE: 
https://sourceware.org/git/?p=elfutils.git;a=commit;h=2b16a9be69939822dcafe075413468daac98b327
 CVE-2018-18520 (An Invalid Memory Address Dereference exists in the function 
elf_end i ...)
-       {DLA-1689-1}
+       {DLA-2802-1 DLA-1689-1}
        - elfutils 0.175-1 (low; bug #911414)
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23787
        NOTE: https://sourceware.org/ml/elfutils-devel/2018-q4/msg00057.html
@@ -199760,7 +199760,7 @@ CVE-2018-18311 (Perl before 5.26.3 and 5.28.x before 
5.28.1 has a buffer overflo
        NOTE: Introduced by: 
https://perl5.git.perl.org/perl.git/commitdiff/e658793210bbe632a5e80a876acfcd0984c46b87
        NOTE: maint-5.28: 
https://perl5.git.perl.org/perl.git/commitdiff/0589f071dc6836de80b24fd798c3336c72ead850
 CVE-2018-18310 (An invalid memory address dereference was discovered in 
dwfl_segment_r ...)
-       {DLA-1689-1}
+       {DLA-2802-1 DLA-1689-1}
        - elfutils 0.175-1 (bug #911083)
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23752
        NOTE: https://sourceware.org/ml/elfutils-devel/2018-q4/msg00022.html
@@ -204946,6 +204946,7 @@ CVE-2018-16403 (libdw in elfutils 0.173 checks the 
end of the attributes list in
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23529
        NOTE: 
https://sourceware.org/git/?p=elfutils.git;a=commit;h=6983e59b727458a6c64d9659c85f08218bc4fcda
 CVE-2018-16402 (libelf/elf_end.c in elfutils 0.173 allows remote attackers to 
cause a  ...)
+       {DLA-2802-1}
        - elfutils 0.175-1 (low)
        [jessie] - elfutils <not-affected> (vulnerable code introduced later)
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23528
@@ -205785,7 +205786,7 @@ CVE-2018-16064 (Insufficient data validation in 
Extensions API in Google Chrome
 CVE-2018-16063
        RESERVED
 CVE-2018-16062 (dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils 
before 201 ...)
-       {DLA-1689-1}
+       {DLA-2802-1 DLA-1689-1}
        - elfutils 0.175-1 (bug #907562)
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23541
        NOTE: 
https://sourceware.org/git/?p=elfutils.git;a=commit;h=29e31978ba51c1051743a503ee325b5ebc03d7e9
@@ -295195,6 +295196,7 @@ CVE-2017-2890 (An exploitable vulnerability exists in 
the /api/CONFIG/restore fu
 CVE-2017-2889 (An exploitable Denial of Service vulnerability exists in the 
API daemo ...)
        NOT-FOR-US: Circle with Disney
 CVE-2017-2888 (An exploitable integer overflow vulnerability exists when 
creating a n ...)
+       {DLA-1714-2}
        - libsdl2 2.0.6+dfsg1-4 (bug #878264)
        [stretch] - libsdl2 <no-dsa> (Minor issue)
        [jessie] - libsdl2 <no-dsa> (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82a20e6521f72ce712fb61742fd071ba5bcd01ee

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/82a20e6521f72ce712fb61742fd071ba5bcd01ee
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to