[Git][security-tracker-team/security-tracker][master] CVE-2018-19876/cairo n/a on stretch and jessie
Emilio Pozuelo Monfort
pochu at debian.org
Wed Dec 12 11:47:12 GMT 2018
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker
Commits:
825d27da by Emilio Pozuelo Monfort at 2018-12-12T11:46:44Z
CVE-2018-19876/cairo n/a on stretch and jessie
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2168,7 +2168,8 @@ CVE-2018-19877 (login.php in Adiscon LogAnalyzer before 4.1.7 has XSS via the Lo
NOT-FOR-US: Adiscon LogAnalyzer
CVE-2018-19876 (cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c, would ...)
- cairo <unfixed> (bug #915801)
- [stretch] - cairo <ignored> (Minor issue; Only broken when usesd with freetype 2.9, which is not in Stretch)
+ [stretch] - cairo <not-affected> (Vulnerable code introduced later)
+ [jessie] - cairo <not-affected> (Vulnerable code introduced later)
NOTE: https://bugs.webkit.org/show_bug.cgi?id=191595
NOTE: https://gitlab.freedesktop.org/cairo/cairo/merge_requests/5
CVE-2018-1002104
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/825d27da671a8ca507f1b179d03ec2a25c201b73
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/825d27da671a8ca507f1b179d03ec2a25c201b73
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181212/1013b2e8/attachment.html>
More information about the debian-security-tracker-commits
mailing list