[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark sam2p as no-dsa

Sat Apr 7 05:29:57 BST 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cdae4d7a by Salvatore Bonaccorso at 2018-04-07T06:29:20+02:00
Mark sam2p as no-dsa

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -5511,6 +5511,7 @@ CVE-2018-7555
 CVE-2018-7554 (There is an invalid free in ReadImage in input-bmp.ci that leads to a ...)
 	{DLA-1340-1}
 	- sam2p <removed>
+	[jessie] - sam2p <no-dsa> (Will be fixed via point release)
 	NOTE: https://github.com/pts/sam2p/issues/29
 	NOTE: https://github.com/pts/sam2p/commit/a6621e996f976912252018be8a8836ee6a966ee3
 	NOTE: https://github.com/pts/sam2p/commit/118cb8102b767df4100d8a14184e44b33a822861
@@ -5520,15 +5521,18 @@ CVE-2018-7554 (There is an invalid free in ReadImage in input-bmp.ci that leads 
 CVE-2018-7553 (There is a heap-based buffer overflow in the pcxLoadRaster function of ...)
 	{DLA-1340-1}
 	- sam2p <removed>
+	[jessie] - sam2p <no-dsa> (Will be fixed via point release)
 	NOTE: https://github.com/pts/sam2p/issues/32
 CVE-2018-7552 (There is an invalid free in Mapping::DoubleHash::clear in mapping.cpp ...)
 	{DLA-1340-1}
 	- sam2p <removed>
+	[jessie] - sam2p <no-dsa> (Will be fixed via point release)
 	NOTE: https://github.com/pts/sam2p/issues/30
 	NOTE: CVE-2018-7554 patches will address this issue too.
 CVE-2018-7551 (There is an invalid free in MiniPS::delete0 in minips.cpp that leads to ...)
 	{DLA-1340-1}
 	- sam2p <removed>
+	[jessie] - sam2p <no-dsa> (Will be fixed via point release)
 	NOTE: https://github.com/pts/sam2p/issues/28
 CVE-2018-7550 (The load_multiboot function in hw/i386/multiboot.c in Quick Emulator ...)
 	- qemu <unfixed> (bug #892041)
@@ -5740,6 +5744,7 @@ CVE-2018-7488
 CVE-2018-7487 (There is a heap-based buffer overflow in the LoadPCX function of ...)
 	{DLA-1340-1}
 	- sam2p <removed>
+	[jessie] - sam2p <no-dsa> (Will be fixed via point release)
 	NOTE: https://github.com/pts/sam2p/issues/18
 CVE-2018-7486 (Blue River Mura CMS before v7.0.7029 supports inline function calls ...)
 	NOT-FOR-US: Blue River Mura CMS



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cdae4d7adef306a51dfdae032706ef750302a572

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cdae4d7adef306a51dfdae032706ef750302a572
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180407/c5d8b75d/attachment-0001.html>
