Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
75b7fdda by Salvatore Bonaccorso at 2018-01-26T13:11:07+01:00
CVE-2018-1000005 only affects stretch
Do not add thus cross-reference as well for jessie-version fo the
CVE-2018-1000005 CVE id entry.
- - - - -
2 changed files:
- data/CVE/list
- data/DSA/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1499,6 +1499,7 @@ CVE-2018-5732
RESERVED
CVE-2018-1000005 (libcurl 7.49.0 to and including 7.57.0 contains an out
bounds read in ...)
- curl 7.58.0-1
+ [stretch] - curl 7.52.1-5+deb9u4
[jessie] - curl <not-affected> (Vulnerable code introduce later)
[wheezy] - curl <not-affected> (Vulnerable code introduce later)
NOTE: https://github.com/curl/curl/pull/2231
=====================================
data/DSA/list
=====================================
--- a/data/DSA/list
+++ b/data/DSA/list
@@ -1,5 +1,5 @@
[26 Jan 2018] DSA-4098-1 curl - security update
- {CVE-2018-1000005 CVE-2018-1000007}
+ {CVE-2018-1000007}
[jessie] - curl 7.38.0-4+deb8u9
[stretch] - curl 7.52.1-5+deb9u4
[25 Jan 2018] DSA-4097-1 poppler - security update
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/75b7fdda0d91e6e439e11357357971ec8d29dc41
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/75b7fdda0d91e6e439e11357357971ec8d29dc41
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
