[Git][security-tracker-team/security-tracker][master] Add fixed version for four libraw CVEs in unstable via new upstream verison

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c10db511 by Salvatore Bonaccorso at 2018-12-27T20:51:45Z
Add fixed version for four libraw CVEs in unstable via new upstream verison

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -396,17 +396,17 @@ CVE-2018-20367 (The "mall some commodity details: commodity consultation&qu
 CVE-2018-20366
 	RESERVED
 CVE-2018-20365 (LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow. ...)
-	- libraw <unfixed> (bug #917111)
+	- libraw 0.19.2-1 (bug #917111)
 	NOTE: https://github.com/LibRaw/LibRaw/issues/195
 	NOTE: https://github.com/LibRaw/LibRaw/commit/7e29b9f29449fde30cc878fbb137d61c14bba3a4
 	NOTE: CVE-2018-20363, CVE-2018-20364 and CVE-2018-20365 have same root cause
 CVE-2018-20364 (LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL ...)
-	- libraw <unfixed> (bug #917112)
+	- libraw 0.19.2-1 (bug #917112)
 	NOTE: https://github.com/LibRaw/LibRaw/issues/194
 	NOTE: https://github.com/LibRaw/LibRaw/commit/7e29b9f29449fde30cc878fbb137d61c14bba3a4
 	NOTE: CVE-2018-20363, CVE-2018-20364 and CVE-2018-20365 have same root cause
 CVE-2018-20363 (LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer ...)
-	- libraw <unfixed> (bug #917113)
+	- libraw 0.19.2-1 (bug #917113)
 	NOTE: https://github.com/LibRaw/LibRaw/issues/193
 	NOTE: https://github.com/LibRaw/LibRaw/commit/7e29b9f29449fde30cc878fbb137d61c14bba3a4
 	NOTE: CVE-2018-20363, CVE-2018-20364 and CVE-2018-20365 have same root cause
@@ -471,7 +471,7 @@ CVE-2018-20339 (Zoho ManageEngine OpManager 12.3 before build 123239 allows XSS
 CVE-2018-20338 (Zoho ManageEngine OpManager 12.3 before build 123239 allows SQL ...)
 	NOT-FOR-US: Zoho ManageEngine OpManager
 CVE-2018-20337 (There is a stack-based buffer overflow in the parse_makernote function ...)
-	- libraw <unfixed> (bug #917080)
+	- libraw 0.19.2-1 (bug #917080)
 	NOTE: https://github.com/LibRaw/LibRaw/issues/192
 CVE-2018-20336
 	RESERVED



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c10db511544e1113f888869ca2dae1d12969e4d1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c10db511544e1113f888869ca2dae1d12969e4d1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181227/de816ce0/attachment-0001.html>