[Git][security-tracker-team/security-tracker][master] Update todo item for CVE-2018-10126
Salvatore Bonaccorso
carnil at debian.org
Sun Apr 22 10:15:40 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
747157f0 by Salvatore Bonaccorso at 2018-04-22T11:14:32+02:00
Update todo item for CVE-2018-10126
Only start tracking it with a source package once issue is clarified.
Cf. http://bugzilla.maptools.org/show_bug.cgi?id=2786 the issue raises
not directly in libtiff.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -390,7 +390,7 @@ CVE-2018-10128 (An issue was discovered in XYHCMS 3.5. It has XSS via the test .
CVE-2018-10127 (An issue was discovered in XYHCMS 3.5. It has CSRF via an ...)
NOT-FOR-US: XYHCMS
CVE-2018-10126 (LibTIFF 4.0.9 has a NULL pointer dereference in the jpeg_fdct_16x16 ...)
- TODO: check
+ TODO: check, possible invalid (for src:tiff) assignment, cf. upstream bug
CVE-2018-10125
RESERVED
CVE-2018-10123
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/747157f0f804fcb5ffccde2ef4b38949255c2635
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/747157f0f804fcb5ffccde2ef4b38949255c2635
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180422/951cb9cf/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list