Source: procps Version: 2:3.3.9-9 Severity: important Tags: security upstream Control: fixed -1 2:3.3.9-9+deb8u1 Control: fixed -1 2:3.3.12-3+deb9u1
Hi, The following vulnerabilities were published for procps, filling the bug to track the issue in the Debian BTS. CVE-2018-1122[0]: Local Privilege Escalation in top CVE-2018-1123[1]: Denial of Service in ps CVE-2018-1124[2]: Local Privilege Escalation in libprocps CVE-2018-1125[3]: 0008-pgrep-Prevent-a-potential-stack-based-buffer-overflo.patch CVE-2018-1126[4]: 0035-proc-alloc.-Use-size_t-not-unsigned-int.patch If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-1122 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1122 [1] https://security-tracker.debian.org/tracker/CVE-2018-1123 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1123 [2] https://security-tracker.debian.org/tracker/CVE-2018-1124 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1124 [3] https://security-tracker.debian.org/tracker/CVE-2018-1125 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1125 [4] https://security-tracker.debian.org/tracker/CVE-2018-1126 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1126 [5] http://www.openwall.com/lists/oss-security/2018/05/17/1 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
