[Git][security-tracker-team/security-tracker][master] 7 commits: CVE-2018-20461,radare2: Jessie is not affected.
Markus Koschany
apo at debian.org
Thu Dec 27 17:50:37 GMT 2018
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0110f9c8 by Markus Koschany at 2018-12-27T17:23:17Z
CVE-2018-20461,radare2: Jessie is not affected.
The vulnerable code is not present. The POC triggers no crash without ASAN.
- - - - -
904f28e9 by Markus Koschany at 2018-12-27T17:25:41Z
CVE-2018-20460,radare2: Jessie is not affected.
Vulnerable code is not present.
- - - - -
218df7af by Markus Koschany at 2018-12-27T17:27:45Z
CVE-2018-20459,radare2: Jessie is not affected.
Vulnerable code is not present.
- - - - -
e64a5a6d by Markus Koschany at 2018-12-27T17:41:23Z
CVE-2018-20458,radare2: Jessie is not affected.
Vulnerable code is not present.
- - - - -
767cd957 by Markus Koschany at 2018-12-27T17:42:27Z
CVE-2018-20457,radare2: Jessie is not affected.
Vulnerable code is not present.
- - - - -
171449c0 by Markus Koschany at 2018-12-27T17:48:27Z
CVE-2018-20456,radare2: Jessie is not affected.
Vulnerable code is not present.
- - - - -
80975810 by Markus Koschany at 2018-12-27T17:49:59Z
CVE-2018-20455,radare2: Jessie is not affected.
Vulnerable code is not present.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -113,30 +113,37 @@ CVE-2018-20461 (In radare2 prior to 3.1.1, core_anal_bytes in libr/core/cmd_anal
- radare2 3.1.2+dfsg-1
NOTE: https://github.com/radare/radare2/commit/a1bc65c3db593530775823d6d7506a457ed95267
NOTE: https://github.com/radare/radare2/issues/12375
+ [jessie] - radare2 <not-affected> (vulnerable code not present)
CVE-2018-20460 (In radare2 prior to 3.1.2, the parseOperands function in ...)
- radare2 3.1.2+dfsg-1
NOTE: https://github.com/radare/radare2/commit/df167c7db545953bb7f71c72e98e7a3ca0c793bf
NOTE: https://github.com/radare/radare2/issues/12376
+ [jessie] - radare2 <not-affected> (vulnerable code not present)
CVE-2018-20459 (In radare2 through 3.1.3, the armass_assemble function in ...)
- radare2 <unfixed> (bug #917322)
NOTE: https://github.com/radare/radare2/commit/e5c14c167b0dcf0a53d76bd50bacbbcc0dfc1ae7
NOTE: https://github.com/radare/radare2/issues/12418
+ [jessie] - radare2 <not-affected> (vulnerable code not present)
CVE-2018-20458 (In radare2 prior to 3.1.1, r_bin_dyldcache_extract in ...)
- radare2 3.1.2+dfsg-1
NOTE: https://github.com/radare/radare2/commit/30f4c7b52a4e2dc0d0b1bae487d90f5437c69d19
NOTE: https://github.com/radare/radare2/issues/12374
+ [jessie] - radare2 <not-affected> (vulnerable code not present)
CVE-2018-20457 (In radare2 through 3.1.3, the assemble function inside ...)
- radare2 <unfixed> (bug #917322)
NOTE: https://github.com/radare/radare2/commit/e5c14c167b0dcf0a53d76bd50bacbbcc0dfc1ae7
NOTE: https://github.com/radare/radare2/issues/12417
+ [jessie] - radare2 <not-affected> (vulnerable code not present)
CVE-2018-20456 (In radare2 prior to 3.1.1, the parseOperand function inside ...)
- radare2 3.1.2+dfsg-1
NOTE: https://github.com/radare/radare2/commit/9b46d38dd3c4de6048a488b655c7319f845af185
NOTE: https://github.com/radare/radare2/issues/12372
+ [jessie] - radare2 <not-affected> (vulnerable code not present)
CVE-2018-20455 (In radare2 prior to 3.1.1, the parseOperand function inside ...)
- radare2 3.1.2+dfsg-1
NOTE: https://github.com/radare/radare2/commit/9b46d38dd3c4de6048a488b655c7319f845af185
NOTE: https://github.com/radare/radare2/issues/12373
+ [jessie] - radare2 <not-affected> (vulnerable code not present)
CVE-2018-20454 (An issue was discovered in 74cms v4.2.111. ...)
NOT-FOR-US: 74cms
CVE-2018-20453 (The getlong function in numutils.c in libdoc through 2017-10-23 has a ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/ffc183aa259237ba87f0b5552633a7207e9e5dcf...809758105c5c83bd9ffd90e038d4dbe05b8d3a50
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/ffc183aa259237ba87f0b5552633a7207e9e5dcf...809758105c5c83bd9ffd90e038d4dbe05b8d3a50
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181227/a8edf4fa/attachment.html>
More information about the debian-security-tracker-commits
mailing list