[Git][security-tracker-team/security-tracker][master] Add several new libcaca issues

Salvatore Bonaccorso carnil at debian.org
Fri Dec 28 16:15:42 GMT 2018


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
72154bc1 by Salvatore Bonaccorso at 2018-12-28T16:14:07Z
Add several new libcaca issues

Those apparently were only reported in the Fedora/Red Hat Bugzilla. A
first step would involve to make them aware to upstream as they were all
reported in the base version 0.99.beta19.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6,17 +6,23 @@ CVE-2018-20551 (A reachable Object::getString assertion in Poppler 0.72.0 allows
 CVE-2018-20550
 	RESERVED
 CVE-2018-20549 (There is an illegal WRITE memory access at caca/file.c (function ...)
-	TODO: check
+	- libcaca <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652628
 CVE-2018-20548 (There is an illegal WRITE memory access at common-image.c (function ...)
-	TODO: check
+	- libcaca <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652625
 CVE-2018-20547 (There is an illegal READ memory access at caca/dither.c (function ...)
-	TODO: check
+	- libcaca <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652624
 CVE-2018-20546 (There is an illegal READ memory access at caca/dither.c (function ...)
-	TODO: check
+	- libcaca <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652622
 CVE-2018-20545 (There is an illegal WRITE memory access at common-image.c (function ...)
-	TODO: check
+	- libcaca <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652621
 CVE-2018-20544 (There is floating point exception at caca/dither.c (function ...)
-	TODO: check
+	- libcaca <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652627
 CVE-2018-20543 (There is an attempted excessive memory allocation at ...)
 	TODO: check
 CVE-2018-20542 (There is a heap-based buffer-overflow at generator_spgemm_csc_reader.c ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/72154bc1f1b99098362f62b06cd5407f1116a40f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/72154bc1f1b99098362f62b06cd5407f1116a40f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181228/a49ab32e/attachment.html>


More information about the debian-security-tracker-commits mailing list