[Git][security-tracker-team/security-tracker][master] 3 commits: Add CVE-2018-1000217/cjson

Salvatore Bonaccorso carnil at debian.org
Tue Aug 21 21:32:02 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e32d5de7 by Salvatore Bonaccorso at 2018-08-21T20:30:07Z
Add CVE-2018-1000217/cjson

- - - - -
116eb2c0 by Salvatore Bonaccorso at 2018-08-21T20:30:29Z
Add CVE-2018-1000216/cjson

- - - - -
b84fbbd2 by Salvatore Bonaccorso at 2018-08-21T20:30:45Z
Add CVE-2018-1000215/cjson

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -161,11 +161,14 @@ CVE-2018-1000219 (OpenEMR version v5_0_1_4 contains a Cross Site Scripting (XSS)
 CVE-2018-1000218 (OpenEMR version v5_0_1_4 contains a Cross Site Scripting (XSS) ...)
 	NOT-FOR-US: OpenEMR
 CVE-2018-1000217 (Dave Gamble cJSON version 1.7.3 and earlier contains a CWE-416: Use ...)
-	TODO: check
+	- cjson <not-affected> (Fixed before initial upload to Debian)
+	NOTE: https://github.com/DaveGamble/cJSON/issues/248
 CVE-2018-1000216 (Dave Gamble cJSON version 1.7.2 and earlier contains a CWE-415: Double ...)
-	TODO: check
+	- cjson <not-affected> (Fixed before initial upload to Debian)
+	NOTE: https://github.com/DaveGamble/cJSON/issues/241
 CVE-2018-1000215 (Dave Gamble cJSON version 1.7.6 and earlier contains a CWE-772 ...)
-	TODO: check
+	- cjson <unfixed>
+	NOTE: https://github.com/DaveGamble/cJSON/issues/267
 CVE-2018-1000214
 	REJECTED
 CVE-2018-1000213



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/39796ed7361fac3257d11b01758a4d3e16433f6d...b84fbbd273a05ca42bd97ff55e284965f81ddf2d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/39796ed7361fac3257d11b01758a4d3e16433f6d...b84fbbd273a05ca42bd97ff55e284965f81ddf2d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180821/be6de7d0/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list