[Git][security-tracker-team/security-tracker][master] Add CVE-2018-581{7,8,9}/libraw
Salvatore Bonaccorso
carnil at debian.org
Sat Dec 22 11:46:31 GMT 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f9be1fab by Salvatore Bonaccorso at 2018-12-22T11:45:35Z
Add CVE-2018-581{7,8,9}/libraw
Issues already fixed in 0.19.1 upstream and included in the lbraw update
to unstable as 0.19.1-1.
https://www.flexera.com/company/secunia-research/advisories/SR-2018-27.html
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -45772,12 +45772,18 @@ CVE-2018-5821 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android
NOT-FOR-US: Qualcomm components for Android
CVE-2018-5820 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5819
+CVE-2018-5819 [DoS in parse_sinar_ia function in internal/dcraw_common.cpp]
RESERVED
-CVE-2018-5818
+ - libraw 0.19.1-1
+ NOTE: https://www.flexera.com/company/secunia-research/advisories/SR-2018-27.html
+CVE-2018-5818 [DoS in parse_rollei function in internal/dcraw_common.cpp]
RESERVED
-CVE-2018-5817
+ - libraw 0.19.1-1
+ NOTE: https://www.flexera.com/company/secunia-research/advisories/SR-2018-27.html
+CVE-2018-5817 [DoS in unpacked_load_raw function in internal/dcraw_common.cpp]
RESERVED
+ - libraw 0.19.1-1
+ NOTE: https://www.flexera.com/company/secunia-research/advisories/SR-2018-27.html
CVE-2018-5816 (An integer overflow error within the "identify()" function ...)
- libraw 0.18.13-1 (low)
[stretch] - libraw <not-affected> (Fix for CVE-2018-5804 not released in stretch)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f9be1fabc8e6c3396e78844648a6da7c15e40cb0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f9be1fabc8e6c3396e78844648a6da7c15e40cb0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181222/1550d1aa/attachment.html>
More information about the debian-security-tracker-commits
mailing list