[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000159

Sat Apr 14 09:34:23 BST 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6fb9fcea by Salvatore Bonaccorso at 2018-04-14T10:33:32+02:00
Add CVE-2018-1000159

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -605,6 +605,10 @@ CVE-2018-1000161 [directory traversal in the way the non-default http-fetch scri
 	NOTE: Fixed by: https://github.com/nmap/nmap/commit/80e1977308e51b1b7aa038a38f8837a7e90b3849
 	NOTE: Introduced in https://github.com/nmap/nmap/commit/88381c2e685297a4fafe7182a06877b27da34e1e
 	NOTE: Script added in 6.49BETA6 (cf. https://bugzilla.novell.com/show_bug.cgi?id=1088608#c1)
+CVE-2018-1000159 [Improper Validation of Integrity Check Value vulnerability]
+	- tlslite-ng <unfixed>
+	NOTE: https://github.com/tomato42/tlslite-ng/pull/234
+	NOTE: https://github.com/tomato42/tlslite-ng/pull/234/commits/3674815d1b0f7484454995e2737a352e0a6a93d8
 CVE-2018-1000157
 	REJECTED
 CVE-2018-9838 (The caml_ba_deserialize function in byterun/bigarray.c in the standard ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6fb9fcea0253750d1a0ebd449a30e06bcd5e9d80

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6fb9fcea0253750d1a0ebd449a30e06bcd5e9d80
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180414/7cdde17c/attachment-0001.html>
