[Git][security-tracker-team/security-tracker][master] Add CVE-2018-19876/cairo

Thu Dec 6 20:56:08 GMT 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cce31dcf by Salvatore Bonaccorso at 2018-12-06T20:55:42Z
Add CVE-2018-19876/cairo

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -143,7 +143,10 @@ CVE-2018-19878
 CVE-2018-19877 (login.php in Adiscon LogAnalyzer before 4.1.7 has XSS via the Login ...)
 	NOT-FOR-US: Adiscon LogAnalyzer
 CVE-2018-19876 (cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c, would ...)
-	TODO: check
+	- cairo <unfixed>
+	[stretch] - cairo <ignored> (Minor issue; Only broken when usesd with freetype 2.9, which is not in Stretch)
+	NOTE: https://bugs.webkit.org/show_bug.cgi?id=191595
+	NOTE: https://gitlab.freedesktop.org/cairo/cairo/merge_requests/5
 CVE-2018-1002104
 	RESERVED
 CVE-2018-1002103 (In Minikube versions 0.3.0-0.29.0, minikube exposes the Kubernetes ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cce31dcfc5e918ef4db0a564e6b7e9cf4c114e95

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cce31dcfc5e918ef4db0a564e6b7e9cf4c114e95
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181206/2f424b66/attachment.html>
