Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 835cd552 by Salvatore Bonaccorso at 2018-02-23T21:51:34+01:00 Add four additional leptonlib CVEs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -9029,6 +9029,17 @@ CVE-2018-3838 RESERVED CVE-2018-3837 RESERVED +CVE-2018-7442 [path traversal or file overwrite] + - leptonlib <unfixed> + NOTE: https://lists.debian.org/debian-lts/2018/02/msg00086.html +CVE-2018-7441 [insecure use of /tmp] + - leptonlib <unfixed> + NOTE: https://lists.debian.org/debian-lts/2018/02/msg00054.html +CVE-2017-18196 + - leptonlib 1.74.4-2 (bug #885704) +CVE-2018-7440 [command injection via $(command)] + - leptonlib <unfixed> + NOTE: https://github.com/DanBloomberg/leptonica/issues/303#issuecomment-366472212 CVE-2018-3836 [gplotMakeOutput Command Injection Vulnerability] RESERVED {DLA-1284-1} View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/835cd55229f3f41f5412226e4cee38ba4b9b0384 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/835cd55229f3f41f5412226e4cee38ba4b9b0384 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits