[Git][security-tracker-team/security-tracker][master] Add bug references for CVE-2018-1052{8,9}/libraw
Salvatore Bonaccorso
carnil at debian.org
Sun Apr 29 16:41:50 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7ba2418e by Salvatore Bonaccorso at 2018-04-29T17:41:37+02:00
Add bug references for CVE-2018-1052{8,9}/libraw
Filled two separate bugs (though handled in same upstream bug) in case
of not commont affected versions to be tracked in BTS. Borderline in
this case because issues likely to be just no-dsa, but need
double-checking.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,11 +1,11 @@
CVE-2018-10530
RESERVED
CVE-2018-10529 (An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds ...)
- - libraw <unfixed>
+ - libraw <unfixed> (bug #897186)
NOTE: https://github.com/LibRaw/LibRaw/commit/f0c505a3e5d47989a5f69be2d0d4f250af6b1a6c
NOTE: https://github.com/LibRaw/LibRaw/issues/144
CVE-2018-10528 (An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer ...)
- - libraw <unfixed>
+ - libraw <unfixed> (bug #897185)
NOTE: https://github.com/LibRaw/LibRaw/commit/895529fc2f2eb8bc633edd6b04b5b237eb4db564
NOTE: https://github.com/LibRaw/LibRaw/issues/144
CVE-2018-10527 (EasyCMS 1.3 is prone to Stored XSS when posting an article; four fields ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7ba2418e675b15ab6e1dd52c8e3176b667941cbf
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7ba2418e675b15ab6e1dd52c8e3176b667941cbf
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180429/d03e9d2f/attachment.html>
More information about the debian-security-tracker-commits
mailing list