Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 6b3c0cf3 by Salvatore Bonaccorso at 2020-03-25T21:23:11+01:00 Reference commit for CVE-2018-6952/patch - - - - - 4601ac6c by Salvatore Bonaccorso at 2020-03-25T21:25:43+01:00 Add information on CVE-2019-20633/patch - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -17,7 +17,8 @@ CVE-2020-10944 CVE-2020-10943 RESERVED CVE-2019-20633 (GNU patch through 2.7.6 contains a free(p_line[p_end]) Double Free vul ...) - TODO: check + - patch <not-affected> (Incomplete fix for CVE-2018-6952 not applied) + NOTE: https://savannah.gnu.org/bugs/index.php?56683 CVE-2020-10942 (In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net. ...) - linux <unfixed> NOTE: https://git.kernel.org/linus/42d84c8490f9f0931786f1623191fcab397c3d64 (5.6-rc4) @@ -116793,6 +116794,9 @@ CVE-2018-6953 (In CCN-lite 2, the Parser of NDNTLV does not verify whether a cer CVE-2018-6952 (A double free exists in the another_hunk function in pch.c in GNU patc ...) - patch <unfixed> (unimportant) NOTE: https://savannah.gnu.org/bugs/index.php?53133 + NOTE: https://git.savannah.gnu.org/cgit/patch.git/commit/?id=9c986353e420ead6e706262bf204d6e03322c300 + NOTE: When fixing this issue make sure to not apply only the incomplete fix, + NOTE: and opening CVE-2019-20633, cf. https://savannah.gnu.org/bugs/index.php?56683 NOTE: Crash in CLI tool, no security impact CVE-2018-6951 (An issue was discovered in GNU patch through 2.7.6. There is a segment ...) - patch <unfixed> (unimportant) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3ee8543e83f7baebae81a07d4d22896d3370763f...4601ac6c34ec83846a1c509338afe7cdf23f6f84 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3ee8543e83f7baebae81a07d4d22896d3370763f...4601ac6c34ec83846a1c509338afe7cdf23f6f84 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits