[Git][security-tracker-team/security-tracker][master] Add fixing commits for CVE-2018-88{08,09,10}

Salvatore Bonaccorso carnil at debian.org
Sat Apr 14 20:33:01 BST 2018


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fcf779a5 by Salvatore Bonaccorso at 2018-04-14T21:28:19+02:00
Add fixing commits for CVE-2018-88{08,09,10}

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3021,18 +3021,21 @@ CVE-2018-8810 (In radare2 2.4.0, there is a heap-based buffer over-read in the .
 	[jessie] - radare2 <no-dsa> (Minor issue)
 	[wheezy] - radare2 <not-affected> (vulnerable code not present)
 	NOTE: https://github.com/radare/radare2/issues/9727
+	NOTE: https://github.com/radare/radare2/commit/06c9903be9a1ca46b74571d49027bee2168fbd69
 CVE-2018-8809 (In radare2 2.4.0, there is a heap-based buffer over-read in the ...)
 	- radare2 <unfixed> (low)
 	[stretch] - radare2 <no-dsa> (Minor issue)
 	[jessie] - radare2 <no-dsa> (Minor issue)
 	[wheezy] - radare2 <no-dsa> (minor issue, likely not even affected)
 	NOTE: https://github.com/radare/radare2/issues/9726
+	NOTE: https://github.com/radare/radare2/commit/24282de142000d2ed2c19783b40a1351872dfc54
 CVE-2018-8808 (In radare2 2.4.0, there is a heap-based buffer over-read in the ...)
 	- radare2 <unfixed> (low)
 	[stretch] - radare2 <no-dsa> (Minor issue)
 	[jessie] - radare2 <no-dsa> (Minor issue)
 	[wheezy] - radare2 <no-dsa> (minor issue, likely not even affected)
 	NOTE: https://github.com/radare/radare2/issues/9725
+	NOTE: https://github.com/radare/radare2/commit/a88069940950999d5e2fd16cd7d16c7e956bf516
 CVE-2018-8807 (In libming 0.4.8, these is a use-after-free in the function ...)
 	- ming <removed>
 	NOTE: https://github.com/libming/libming/issues/129



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fcf779a52061c2ce88969e0091e27f5bc6f366e6

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fcf779a52061c2ce88969e0091e27f5bc6f366e6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180414/013d1720/attachment.html>


More information about the debian-security-tracker-commits mailing list