[Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff
jmm at debian.org
Fri Dec 7 20:10:18 GMT 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
023a7b50 by Moritz Muehlenhoff at 2018-12-07T20:09:18Z
stretch triage
mark sqlite3 as untermined for now, this could be entirely limited to Chromium's use of sqlite
recheck once details are available
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1541,8 +1541,9 @@ CVE-2018-19657
CVE-2018-19656
RESERVED
CVE-2018-19655 (A stack-based buffer overflow in the find_green() function of dcraw ...)
- - ufraw 0.22-3.1 (bug #890086)
- - dcraw 9.28-2 (bug #906529)
+ - ufraw 0.22-3.1 (unimportant; bug #890086)
+ - dcraw 9.28-2 (unimportant; bug #906529)
+ NOTE: No security impact, crash in CLI tool
CVE-2018-19654 (An issue was discovered in Sales & Company Management System (SCMS) ...)
NOT-FOR-US: Sales & Company Management System (SCMS)
CVE-2018-19653
@@ -4607,7 +4608,8 @@ CVE-2018-19499 (Vanilla before 2.5.5 and 2.6.x before 2.6.2 allows Remote Code .
CVE-2018-19498
RESERVED
CVE-2018-19497 (In The Sleuth Kit (TSK) through 4.6.4, hfs_cat_traverse in tsk/fs/hfs.c ...)
- - sleuthkit <unfixed> (bug #914796)
+ - sleuthkit <unfixed> (low; bug #914796)
+ [stretch] - sleuthkit <no-dsa> (Minor issue)
NOTE: https://github.com/sleuthkit/sleuthkit/pull/1374
NOTE: https://github.com/sleuthkit/sleuthkit/commit/bc04aa017c0bd297de8a3b7fc40ffc6ddddbb95d
CVE-2018-19496
@@ -7776,7 +7778,7 @@ CVE-2018-18345
- chromium 71.0.3578.80-1
CVE-2018-18344
RESERVED
- - sqlite3 <unfixed>
+ - sqlite3 <undetermined>
- chromium 71.0.3578.80-1
CVE-2018-18343
RESERVED
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/023a7b507343ea3133d50b66abc21c737f493aa9
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/023a7b507343ea3133d50b66abc21c737f493aa9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181207/fc43d304/attachment.html>
More information about the debian-security-tracker-commits
mailing list