[Git][security-tracker-team/security-tracker][master] 3 commits: Triage CVE-2018-18520 (elfutils) in jessie LTS.

Fri, 19 Oct 2018 18:57:49 -0700 

Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
96b0b4d6 by Chris Lamb at 2018-10-20T01:54:38Z
Triage CVE-2018-18520 (elfutils) in jessie LTS.

- - - - -
a8f3a38c by Chris Lamb at 2018-10-20T01:55:17Z
Triage CVE-2018-18521 (elfutils) for jessie LTS.

- - - - -
7cf9b14a by Chris Lamb at 2018-10-20T01:56:59Z
data/dla-needed.txt: Triage imagemagick for jessie.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,11 +15,13 @@ CVE-2018-18522
 CVE-2018-18521 (Divide-by-zero vulnerabilities in the function 
arlib_add_symbols() in ...)
        - elfutils <unfixed> (low; bug #911413)
        [stretch] - elfutils <no-dsa> (Minor issue)
+       [jessie] - elfutils <no-dsa> (Minor issue)
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23786
        NOTE: https://sourceware.org/ml/elfutils-devel/2018-q4/msg00055.html
 CVE-2018-18520 (An Invalid Memory Address Dereference exists in the function 
elf_end in ...)
        - elfutils <unfixed> (low; bug #911414)
        [stretch] - elfutils <no-dsa> (Minor issue)
+       [jessie] - elfutils <no-dsa> (Minor issue)
        NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23787
        NOTE: https://sourceware.org/ml/elfutils-devel/2018-q4/msg00057.html
 CVE-2018-18519


=====================================
data/dla-needed.txt
=====================================
@@ -35,6 +35,8 @@ ghostscript (Markus Koschany)
 gnutls28 (Antoine Beaupre)
   NOTE: 20180824: Upstream patch is quite invasive, adding new options etc. 
(Chris Lamb)
 --
+imagemagick
+--
 libav (Hugo Lefeuvre)
   NOTE: 20180118: Diego Biurrun (from the libav team) was working on patches, 
but encountered personal issues and had to stop.
   NOTE: 20180118: It is unlikely that he will start again in the next weeks.



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/7dd531e9ccf4e1abaea32533cb7383117a05f027...7cf9b14a27733f996e0659a020e6b303865c90ed

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/compare/7dd531e9ccf4e1abaea32533cb7383117a05f027...7cf9b14a27733f996e0659a020e6b303865c90ed
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to