[Git][security-tracker-team/security-tracker][master] fmtlib non-issue

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5dd60783 by Moritz Muehlenhoff at 2018-05-17T18:24:42+02:00
fmtlib non-issue

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -11784,9 +11784,10 @@ CVE-2018-1000054 (Jenkins CCM Plugin 3.1 and earlier 
processes XML external enti
 CVE-2018-1000053 (LimeSurvey version 3.0.0-beta.3+17110 contains a Cross ite 
Request ...)
        - limesurvey <itp> (bug #472802)
 CVE-2018-1000052 (fmtlib version prior to version 4.1.0 (before commit ...)
-       - fmtlib <unfixed> (bug #890033)
+       - fmtlib <unfixed> (unimportant; bug #890033)
        NOTE: https://github.com/fmtlib/fmt/issues/642
        NOTE: 
https://github.com/fmtlib/fmt/commit/8cf30aa2be256eba07bb1cefb998c52326e846e7
+       NOTE: This looks bogus, how would that come from untrusted input
 CVE-2018-1000051 (Artifex Mupdf version 1.12.0 contains a Use After Free 
vulnerability ...)
        {DSA-4152-1}
        - mupdf 1.12.0+ds1-1 (bug #891245)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5dd60783db4ec04a29ac5b4e0b71908bf28db48c

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/5dd60783db4ec04a29ac5b4e0b71908bf28db48c
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits