Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 740dd325 by Salvatore Bonaccorso at 2018-04-12T23:04:02+02:00 Record CVE-2018-383{7,8,9} which were already fixed with the sdl-image1.2/1.2.12-2+deb7u2 upload - - - - - 2 changed files: - data/CVE/list - data/DLA/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -16137,19 +16137,22 @@ CVE-2018-3841 RESERVED CVE-2018-3840 RESERVED -CVE-2018-3839 (An exploitable code execution vulnerability exists in the eCF image ...) +CVE-2018-3839 (An exploitable code execution vulnerability exists in the XCF image ...) + {DLA-1341-1} - libsdl2-image 2.0.3+dfsg1-1 - sdl-image1.2 1.2.12-8 NOTE: https://hg.libsdl.org/SDL_image/rev/fb643e371806910f1973abfdfe7f981e8dba60f5 NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0521 TODO: check fixing commit(s) CVE-2018-3838 (An exploitable information vulnerability exists in the XCF image ...) + {DLA-1341-1} - libsdl2-image 2.0.3+dfsg1-1 - sdl-image1.2 1.2.12-8 NOTE: https://hg.libsdl.org/SDL_image/rev/c5f9cbb5d2bbcb2150ba0596ea56b49efeed660d NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0520 TODO: check fixing commit(s) CVE-2018-3837 (An exploitable information disclosure vulnerability exists in the PCX ...) + {DLA-1341-1} - libsdl2-image 2.0.3+dfsg1-1 - sdl-image1.2 1.2.12-8 NOTE: https://hg.libsdl.org/SDL_image/rev/2938fc80591abeae74b971cbdf966eff3213297e ===================================== data/DLA/list ===================================== --- a/data/DLA/list +++ b/data/DLA/list @@ -10,7 +10,7 @@ [09 Apr 2018] DLA-1283-2 python-crypto - security update [wheezy] - python-crypto 2.6-4+deb7u8 [06 Apr 2018] DLA-1341-1 sdl-image1.2 - security update - {CVE-2017-12122 CVE-2017-14440 CVE-2017-14441 CVE-2017-14442 CVE-2017-14448 CVE-2017-14450} + {CVE-2017-12122 CVE-2017-14440 CVE-2017-14441 CVE-2017-14442 CVE-2017-14448 CVE-2017-14450 CVE-2018-3837 CVE-2018-3838 CVE-2018-3839} [wheezy] - sdl-image1.2 1.2.12-2+deb7u2 [06 Apr 2018] DLA-1340-1 sam2p - security update {CVE-2018-7487 CVE-2018-7551 CVE-2018-7552 CVE-2018-7553 CVE-2018-7554} View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/740dd32571c65b4b20bd9ac52c9afe87af32f318 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/740dd32571c65b4b20bd9ac52c9afe87af32f318 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits