[Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2018-19842 in radare2 for jessie LTS.
Chris Lamb
lamby at debian.org
Mon Dec 10 09:19:54 GMT 2018
Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dc0d82e7 by Chris Lamb at 2018-12-10T09:19:36Z
Triage CVE-2018-19842 in radare2 for jessie LTS.
- - - - -
bff93cd4 by Chris Lamb at 2018-12-10T09:19:36Z
Triage CVE-2018-19843 in radare2 for jessie LTS.
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -1255,11 +1255,13 @@ CVE-2018-19844
CVE-2018-19843 (opmov in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows ...)
- radare2 3.1.0+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
+ [jessie] - radare2 <not-affected> (Vulnerable code not present in libr/asm/p/asm_x86_nz.c)
NOTE: https://github.com/radare/radare2/commit/f17bfd9f1da05f30f23a4dd05e9d2363e1406948
NOTE: https://github.com/radare/radare2/issues/12242
CVE-2018-19842 (getToken in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows ...)
- radare2 3.1.0+dfsg-1 (low)
[stretch] - radare2 <no-dsa> (Minor issue)
+ [jessie] - radare2 <not-affected> (Vulnerable code not present in libr/asm/p/asm_x86_nz.c)
NOTE: https://github.com/radare/radare2/commit/66191f780863ea8c66ace4040d0d04a8842e8432
NOTE: https://github.com/radare/radare2/issues/12239
CVE-2018-19841 (The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a ...)
=====================================
data/dla-needed.txt
=====================================
@@ -107,8 +107,6 @@ qemu
qtsvg-opensource-src
NOTE: 20181210: Needs more investigation around related packages/upstream etc. (lamby)
--
-radare2
---
samba (Emilio Pozuelo)
NOTE: 20181203: regression in upstream fix, waiting for confirmed regression fix
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/7913fce41dbc5423e1ceb5eb605f0a3396a97fca...bff93cd4e1165cc8087e160380b520d56cb8362d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/7913fce41dbc5423e1ceb5eb605f0a3396a97fca...bff93cd4e1165cc8087e160380b520d56cb8362d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181210/465ce463/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list