[Git][security-tracker-team/security-tracker][master] Add bug references for CVE-2018-1052{8,9}/libraw

Salvatore Bonaccorso carnil at debian.org
Sun Apr 29 16:41:50 BST 2018


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7ba2418e by Salvatore Bonaccorso at 2018-04-29T17:41:37+02:00
Add bug references for CVE-2018-1052{8,9}/libraw

Filled two separate bugs (though handled in same upstream bug) in case
of not commont affected versions to be tracked in BTS. Borderline in
this case because issues likely to be just no-dsa, but need
double-checking.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,11 +1,11 @@
 CVE-2018-10530
 	RESERVED
 CVE-2018-10529 (An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds ...)
-	- libraw <unfixed>
+	- libraw <unfixed> (bug #897186)
 	NOTE: https://github.com/LibRaw/LibRaw/commit/f0c505a3e5d47989a5f69be2d0d4f250af6b1a6c
 	NOTE: https://github.com/LibRaw/LibRaw/issues/144
 CVE-2018-10528 (An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer ...)
-	- libraw <unfixed>
+	- libraw <unfixed> (bug #897185)
 	NOTE: https://github.com/LibRaw/LibRaw/commit/895529fc2f2eb8bc633edd6b04b5b237eb4db564
 	NOTE: https://github.com/LibRaw/LibRaw/issues/144
 CVE-2018-10527 (EasyCMS 1.3 is prone to Stored XSS when posting an article; four fields ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7ba2418e675b15ab6e1dd52c8e3176b667941cbf

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7ba2418e675b15ab6e1dd52c8e3176b667941cbf
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180429/d03e9d2f/attachment.html>


More information about the debian-security-tracker-commits mailing list