[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Record CVE-2018-383{7, 8, 9} which were already fixed with the sdl-image1.2/1.2.12-2+deb7u2 upload

Thu, 12 Apr 2018 14:05:40 -0700 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
740dd325 by Salvatore Bonaccorso at 2018-04-12T23:04:02+02:00
Record CVE-2018-383{7,8,9} which were already fixed with the 
sdl-image1.2/1.2.12-2+deb7u2 upload

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -16137,19 +16137,22 @@ CVE-2018-3841
        RESERVED
 CVE-2018-3840
        RESERVED
-CVE-2018-3839 (An exploitable code execution vulnerability exists in the eCF 
image ...)
+CVE-2018-3839 (An exploitable code execution vulnerability exists in the XCF 
image ...)
+       {DLA-1341-1}
        - libsdl2-image 2.0.3+dfsg1-1
        - sdl-image1.2 1.2.12-8
        NOTE: 
https://hg.libsdl.org/SDL_image/rev/fb643e371806910f1973abfdfe7f981e8dba60f5
        NOTE: 
https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0521
        TODO: check fixing commit(s)
 CVE-2018-3838 (An exploitable information vulnerability exists in the XCF 
image ...)
+       {DLA-1341-1}
        - libsdl2-image 2.0.3+dfsg1-1
        - sdl-image1.2 1.2.12-8
        NOTE: 
https://hg.libsdl.org/SDL_image/rev/c5f9cbb5d2bbcb2150ba0596ea56b49efeed660d
        NOTE: 
https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0520
        TODO: check fixing commit(s)
 CVE-2018-3837 (An exploitable information disclosure vulnerability exists in 
the PCX ...)
+       {DLA-1341-1}
        - libsdl2-image 2.0.3+dfsg1-1
        - sdl-image1.2 1.2.12-8
        NOTE: 
https://hg.libsdl.org/SDL_image/rev/2938fc80591abeae74b971cbdf966eff3213297e


=====================================
data/DLA/list
=====================================
--- a/data/DLA/list
+++ b/data/DLA/list
@@ -10,7 +10,7 @@
 [09 Apr 2018] DLA-1283-2 python-crypto - security update
        [wheezy] - python-crypto 2.6-4+deb7u8
 [06 Apr 2018] DLA-1341-1 sdl-image1.2 - security update
-       {CVE-2017-12122 CVE-2017-14440 CVE-2017-14441 CVE-2017-14442 
CVE-2017-14448 CVE-2017-14450}
+       {CVE-2017-12122 CVE-2017-14440 CVE-2017-14441 CVE-2017-14442 
CVE-2017-14448 CVE-2017-14450 CVE-2018-3837 CVE-2018-3838 CVE-2018-3839}
        [wheezy] - sdl-image1.2 1.2.12-2+deb7u2
 [06 Apr 2018] DLA-1340-1 sam2p - security update
        {CVE-2018-7487 CVE-2018-7551 CVE-2018-7552 CVE-2018-7553 CVE-2018-7554}



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/740dd32571c65b4b20bd9ac52c9afe87af32f318

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/740dd32571c65b4b20bd9ac52c9afe87af32f318
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to