[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2018-6548: chromium-browser <unfixed>

Luciano Bello luciano at debian.org
Mon Feb 5 02:51:52 UTC 2018 

Luciano Bello pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c6864d05 by Luciano Bello at 2018-02-04T21:35:58-05:00
CVE-2018-6548: chromium-browser <unfixed>

- - - - -
9d6005e5 by Luciano Bello at 2018-02-04T21:49:04-05:00
CVE-2018-6317: NFU

- - - - -
e939cb82 by Luciano Bello at 2018-02-04T21:51:25-05:00
CVE-2018-5261: NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -184,6 +184,10 @@ CVE-2017-18121 (The consentAdmin module in SimpleSAMLphp through 1.14.15 is vuln
 CVE-2018-6549
 	RESERVED
 CVE-2018-6548 (A use-after-free issue was discovered in libwebm through 2018-02-02. If ...)
+	- chromium-browser <unfixed>
+	[wheezy] - chromium-browser <end-of-life> (Not supported in wheezy LTS)
+	NOTE: https://bugs.chromium.org/p/webm/issues/detail?id=1493
+	NOTE: https://github.com/dwfault/PoCs/blob/master/libwebm%20Vp9HeaderParser%20UAF%20by%20PrintVP9Info/libwebm%20Vp9HeaderParser%20UAF%20by%20PrintVP9Info.md
 	TODO: check
 CVE-2018-6547
 	RESERVED
@@ -883,7 +887,7 @@ CVE-2018-6319 (In Sophos Tester Tool 3.2.0.7 Beta, the driver accepts a special 
 CVE-2018-6318 (In Sophos Tester Tool 3.2.0.7 Beta, the driver loads (in the context ...)
 	NOT-FOR-US: Sophos Tester Tool
 CVE-2018-6317 (The remote management interface in Claymore Dual Miner 10.5 and ...)
-	TODO: check
+	NOT-FOR-US: Claymore's Dual Ethereum
 CVE-2018-6316
 	RESERVED
 CVE-2018-6315 (The outputSWF_TEXT_RECORD function (util/outputscript.c) in libming ...)
@@ -3595,7 +3599,7 @@ CVE-2018-5263 (The StackIdeas EasyDiscuss (aka com_easydiscuss) extension before
 CVE-2018-5262 (A stack-based buffer overflow in Flexense DiskBoss 8.8.16 and earlier ...)
 	NOT-FOR-US: Flexense DiskBoss
 CVE-2018-5261 (An issue was discovered in Flexense DiskBoss 8.8.16 and earlier. Due ...)
-	TODO: check
+	NOT-FOR-US: Flexense DiskBoss
 CVE-2018-5260
 	RESERVED
 CVE-2018-5259 (Discuz! DiscuzX X3.4 allows remote authenticated users to bypass ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/886db6a37a59fb415b84eecb27307f3661d8d126...e939cb82604c723baf9e167c3486df5e2deea89a

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/886db6a37a59fb415b84eecb27307f3661d8d126...e939cb82604c723baf9e167c3486df5e2deea89a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180205/aa8df56f/attachment.html>

More information about the Secure-testing-commits mailing list