[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2018-19841/wavpack

Salvatore Bonaccorso carnil at debian.org
Tue Dec 4 20:40:33 GMT 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9683dc21 by Salvatore Bonaccorso at 2018-12-04T20:39:45Z
Add CVE-2018-19841/wavpack

- - - - -
696bcd14 by Salvatore Bonaccorso at 2018-12-04T20:40:09Z
Add CVE-2018-19840/wavpack

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -32,9 +32,13 @@ CVE-2018-19842 (getToken in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allo
 	NOTE: https://github.com/radare/radare2/commit/66191f780863ea8c66ace4040d0d04a8842e8432
 	NOTE: https://github.com/radare/radare2/issues/12239
 CVE-2018-19841 (The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a ...)
-	TODO: check
+	- wavpack <unfixed>
+	NOTE: https://github.com/dbry/WavPack/commit/bba5389dc598a92bdf2b297c3ea34620b6679b5b
+	NOTE: https://github.com/dbry/WavPack/issues/54
 CVE-2018-19840 (The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack ...)
-	TODO: check
+	- wavpack <unfixed>
+	NOTE: https://github.com/dbry/WavPack/commit/070ef6f138956d9ea9612e69586152339dbefe51
+	NOTE: https://github.com/dbry/WavPack/issues/53
 CVE-2018-19839 (In LibSass prior to 3.5.5, the function handle_error in ...)
 	TODO: check
 CVE-2018-19838 (In LibSass prior to 3.5.5, functions inside ast.cpp for ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/ecf7116fde10c637ade3945056551f83f6f52578...696bcd14e7a301e4b1d04bc708c2265ff3def9b3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/ecf7116fde10c637ade3945056551f83f6f52578...696bcd14e7a301e4b1d04bc708c2265ff3def9b3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181204/55f1e87a/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list