[Git][security-tracker-team/security-tracker][master] Mark CVE-2018-2054{5,8}/libcaca as unimportant
Salvatore Bonaccorso
carnil at debian.org
Sun Dec 30 08:53:53 GMT 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
da4325c6 by Salvatore Bonaccorso at 2018-12-30T08:52:31Z
Mark CVE-2018-2054{5,8}/libcaca as unimportant
Although affected source code wise for both upstream issues, the binary
packages as produced in Debian use the Imlib2 library for the build and
not the fallback BMP loader.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -89,10 +89,11 @@ CVE-2018-20549 (There is an illegal WRITE memory access at caca/file.c (function
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652628
NOTE: https://github.com/cacalabs/libcaca/issues/41
CVE-2018-20548 (There is an illegal WRITE memory access at common-image.c (function ...)
- - libcaca <unfixed>
+ - libcaca <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652625
NOTE: https://github.com/cacalabs/libcaca/issues/40
NOTE: Upstream fix: https://github.com/cacalabs/libcaca/commit/f6c61faa26b3e150c3daf514589afa737f42f152
+ NOTE: Debian binary packages built with the Imlib2 library
CVE-2018-20547 (There is an illegal READ memory access at caca/dither.c (function ...)
- libcaca <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652624
@@ -102,10 +103,11 @@ CVE-2018-20546 (There is an illegal READ memory access at caca/dither.c (functio
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652622
NOTE: https://github.com/cacalabs/libcaca/issues/38
CVE-2018-20545 (There is an illegal WRITE memory access at common-image.c (function ...)
- - libcaca <unfixed>
+ - libcaca <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652621
NOTE: https://github.com/cacalabs/libcaca/issues/37
NOTE: Upstream fix: https://github.com/cacalabs/libcaca/commit/f6c61faa26b3e150c3daf514589afa737f42f152
+ NOTE: Debian binary packages built with the Imlib2 library
CVE-2018-20544 (There is floating point exception at caca/dither.c (function ...)
- libcaca <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652627
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/da4325c6742aaf924a53eec073280a9d0c95cf47
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/da4325c6742aaf924a53eec073280a9d0c95cf47
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181230/160c4c00/attachment.html>
More information about the debian-security-tracker-commits
mailing list