<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=utf-8" http-equiv="Content-Type">

<title>

GitLab

</title>

<style>img {

max-width: 100%; height: auto;

}

</style>

</head>

<body>

<div class="content">

<h3>

Salvatore Bonaccorso pushed to branch master

at <a href="https://salsa.debian.org/security-tracker-team/security-tracker">Debian Security Tracker / security-tracker</a>

</h3>

<h4>

Commits:

</h4>

<ul>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/c9ad896c57a40f9b05905d91b4099598529cefc6">c9ad896c</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2019-01-01T21:29:34Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Reference gcc (libiberty) upstream fix for CVE-2018-12641

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/f4715e6e9da948ba9eb1f530b7706b26ea3a6270">f4715e6e</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2019-01-01T21:34:03Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Reference upstream gcc (libiberty) fix for upstream bug 85454

Adresses the CVEs CVE-2018-12697, CVE-2018-12698, CVE-2018-12699 and

CVE-2018-12700 for binutils.

Cf. https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/7af3d1f621de2d0fb7bbe49ad505f08d24ab2cda">7af3d1f6</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2019-01-01T21:37:58Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">CVE-2018-12934: Add additional upstream bug reference

The upstream issue https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85453

was actually a duplicate report of

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=84950 .

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/28b235969673f42073a2a3ab1920a6fd07fe0239">28b23596</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2019-01-01T21:48:22Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Track fix for CVE-2018-1735{8,9}/binutils in experimental version

The fix is present in the experimentalversion since the import of

2.31.51.20181022 from trunk.

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/5c952362f2078a50bec1a35e9464293824a79c00">5c952362</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2019-01-01T21:53:05Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Track fixed version for CVE-2018-17360/binutils via experimental

The fix landed in experimental via the import of the new upstream

version 2.31.51.20181022 based on trunk.

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/32a1a728735d0f78afd7499b27f17f8c7f729599">32a1a728</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2019-01-01T21:57:25Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">Reference gcc (libiberty) fix for various CVEs

CVE-2018-18701, CVE-2018-18700, CVE-2018-18484, CVE-2018-17985 and

CVE-2018-17794 for binutils all refer to the same upstream fix in the

underlying libibierty issue fixed by

https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=03e51746ed98d9106803f6009ebd71ea670ad3b9

..

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/dcb457890f1c84568ae83094e1bb77995518646e">dcb45789</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2019-01-01T22:01:37Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">CVE-2018-18309/binutils fixed in experimental

The new upstream version 2.31.51.20181022 imported to experimental

adressed CVE-2018-18309.

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/b73b0707227f1869d2b341893bc98bada1b873f8">b73b0707</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2019-01-01T22:06:20Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">CVE-2018-18605/binutils fixed in experimental

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/469bd6cf79d1ac82afb67618698a50226b73bd7e">469bd6cf</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2019-01-01T22:07:44Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">CVE-2018-18606/binutils fixed in experimental

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/5a888b984990ee919af0f8e99a8ca1493abd1ec0">5a888b98</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2019-01-01T22:08:47Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">CVE-2018-18607/binutils fixed in experimental

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/c9979e886e7c8e6636adbef433525bacc3c371f3">c9979e88</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2019-01-01T22:11:43Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">CVE-2018-19931/binutils fixed in experimental with 2.31.51.20181204-1

</pre>

</li>

<li>

<strong><a href="https://salsa.debian.org/security-tracker-team/security-tracker/commit/6aea9d298a872b2ac5d05c75803c8cd65df783df">6aea9d29</a></strong>

<div>

<span>by Salvatore Bonaccorso</span>

<i>at 2019-01-01T22:12:46Z</i>

</div>

<pre class="commit-message" style="white-space: pre-wrap; margin: 0;">CVE-2018-19932/binutils fixed in experimental via 2.31.51.20181204-1

</pre>

</li>

</ul>

<h4>1 changed file:</h4>

<ul>

<li class="file-stats">

<a href="#4716ef5aa8f2742228ba3b3633215c8b808565e3">

data/CVE/list

</a>

</li>

</ul>

<h4>Changes:</h4>

<li id="4716ef5aa8f2742228ba3b3633215c8b808565e3">

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/compare/50c003f1579227bebe54f027310e939356156379...6aea9d298a872b2ac5d05c75803c8cd65df783df#4716ef5aa8f2742228ba3b3633215c8b808565e3"><strong>data/CVE/list</strong></a>

<hr>

No preview for this file type

<br>

</li>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #777777;">

—

<br>

<a href="https://salsa.debian.org/security-tracker-team/security-tracker/compare/50c003f1579227bebe54f027310e939356156379...6aea9d298a872b2ac5d05c75803c8cd65df783df">View it on GitLab</a>.

<br>

You're receiving this email because of your account on salsa.debian.org.

If you'd like to receive fewer emails, you can

adjust your notification settings.

</p>

</div>

</body>

</html>