[Git][security-tracker-team/security-tracker][master] Add fixing commits for CVE-2018-88{08,09,10}
Salvatore Bonaccorso
carnil at debian.org
Sat Apr 14 20:33:01 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fcf779a5 by Salvatore Bonaccorso at 2018-04-14T21:28:19+02:00
Add fixing commits for CVE-2018-88{08,09,10}
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3021,18 +3021,21 @@ CVE-2018-8810 (In radare2 2.4.0, there is a heap-based buffer over-read in the .
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <not-affected> (vulnerable code not present)
NOTE: https://github.com/radare/radare2/issues/9727
+ NOTE: https://github.com/radare/radare2/commit/06c9903be9a1ca46b74571d49027bee2168fbd69
CVE-2018-8809 (In radare2 2.4.0, there is a heap-based buffer over-read in the ...)
- radare2 <unfixed> (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (minor issue, likely not even affected)
NOTE: https://github.com/radare/radare2/issues/9726
+ NOTE: https://github.com/radare/radare2/commit/24282de142000d2ed2c19783b40a1351872dfc54
CVE-2018-8808 (In radare2 2.4.0, there is a heap-based buffer over-read in the ...)
- radare2 <unfixed> (low)
[stretch] - radare2 <no-dsa> (Minor issue)
[jessie] - radare2 <no-dsa> (Minor issue)
[wheezy] - radare2 <no-dsa> (minor issue, likely not even affected)
NOTE: https://github.com/radare/radare2/issues/9725
+ NOTE: https://github.com/radare/radare2/commit/a88069940950999d5e2fd16cd7d16c7e956bf516
CVE-2018-8807 (In libming 0.4.8, these is a use-after-free in the function ...)
- ming <removed>
NOTE: https://github.com/libming/libming/issues/129
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fcf779a52061c2ce88969e0091e27f5bc6f366e6
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fcf779a52061c2ce88969e0091e27f5bc6f366e6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180414/013d1720/attachment.html>
More information about the debian-security-tracker-commits
mailing list