Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: cdae4d7a by Salvatore Bonaccorso at 2018-04-07T06:29:20+02:00 Mark sam2p as no-dsa - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -5511,6 +5511,7 @@ CVE-2018-7555 CVE-2018-7554 (There is an invalid free in ReadImage in input-bmp.ci that leads to a ...) {DLA-1340-1} - sam2p <removed> + [jessie] - sam2p <no-dsa> (Will be fixed via point release) NOTE: https://github.com/pts/sam2p/issues/29 NOTE: https://github.com/pts/sam2p/commit/a6621e996f976912252018be8a8836ee6a966ee3 NOTE: https://github.com/pts/sam2p/commit/118cb8102b767df4100d8a14184e44b33a822861 @@ -5520,15 +5521,18 @@ CVE-2018-7554 (There is an invalid free in ReadImage in input-bmp.ci that leads CVE-2018-7553 (There is a heap-based buffer overflow in the pcxLoadRaster function of ...) {DLA-1340-1} - sam2p <removed> + [jessie] - sam2p <no-dsa> (Will be fixed via point release) NOTE: https://github.com/pts/sam2p/issues/32 CVE-2018-7552 (There is an invalid free in Mapping::DoubleHash::clear in mapping.cpp ...) {DLA-1340-1} - sam2p <removed> + [jessie] - sam2p <no-dsa> (Will be fixed via point release) NOTE: https://github.com/pts/sam2p/issues/30 NOTE: CVE-2018-7554 patches will address this issue too. CVE-2018-7551 (There is an invalid free in MiniPS::delete0 in minips.cpp that leads to ...) {DLA-1340-1} - sam2p <removed> + [jessie] - sam2p <no-dsa> (Will be fixed via point release) NOTE: https://github.com/pts/sam2p/issues/28 CVE-2018-7550 (The load_multiboot function in hw/i386/multiboot.c in Quick Emulator ...) - qemu <unfixed> (bug #892041) @@ -5740,6 +5744,7 @@ CVE-2018-7488 CVE-2018-7487 (There is a heap-based buffer overflow in the LoadPCX function of ...) {DLA-1340-1} - sam2p <removed> + [jessie] - sam2p <no-dsa> (Will be fixed via point release) NOTE: https://github.com/pts/sam2p/issues/18 CVE-2018-7486 (Blue River Mura CMS before v7.0.7029 supports inline function calls ...) NOT-FOR-US: Blue River Mura CMS View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cdae4d7adef306a51dfdae032706ef750302a572 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cdae4d7adef306a51dfdae032706ef750302a572 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits