[Git][security-tracker-team/security-tracker][master] Add several new libcaca issues
Salvatore Bonaccorso
carnil at debian.org
Fri Dec 28 16:15:42 GMT 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
72154bc1 by Salvatore Bonaccorso at 2018-12-28T16:14:07Z
Add several new libcaca issues
Those apparently were only reported in the Fedora/Red Hat Bugzilla. A
first step would involve to make them aware to upstream as they were all
reported in the base version 0.99.beta19.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6,17 +6,23 @@ CVE-2018-20551 (A reachable Object::getString assertion in Poppler 0.72.0 allows
CVE-2018-20550
RESERVED
CVE-2018-20549 (There is an illegal WRITE memory access at caca/file.c (function ...)
- TODO: check
+ - libcaca <unfixed>
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652628
CVE-2018-20548 (There is an illegal WRITE memory access at common-image.c (function ...)
- TODO: check
+ - libcaca <unfixed>
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652625
CVE-2018-20547 (There is an illegal READ memory access at caca/dither.c (function ...)
- TODO: check
+ - libcaca <unfixed>
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652624
CVE-2018-20546 (There is an illegal READ memory access at caca/dither.c (function ...)
- TODO: check
+ - libcaca <unfixed>
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652622
CVE-2018-20545 (There is an illegal WRITE memory access at common-image.c (function ...)
- TODO: check
+ - libcaca <unfixed>
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652621
CVE-2018-20544 (There is floating point exception at caca/dither.c (function ...)
- TODO: check
+ - libcaca <unfixed>
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652627
CVE-2018-20543 (There is an attempted excessive memory allocation at ...)
TODO: check
CVE-2018-20542 (There is a heap-based buffer-overflow at generator_spgemm_csc_reader.c ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/72154bc1f1b99098362f62b06cd5407f1116a40f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/72154bc1f1b99098362f62b06cd5407f1116a40f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181228/a49ab32e/attachment.html>
More information about the debian-security-tracker-commits
mailing list