[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Update information for CVE-2018-6764/libvirt

Wed Feb 7 18:17:24 UTC 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5d6e5da8 by Salvatore Bonaccorso at 2018-02-07T19:16:45+01:00
Update information for CVE-2018-6764/libvirt

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -102,9 +102,9 @@ CVE-2018-6767 (A stack-based buffer over-read in the ParseRiffHeaderConfig funct
 	NOTE: https://github.com/dbry/WavPack/commit/d5bf76b5a88d044a1be1d5656698e3ba737167e5
 CVE-2018-6764 [guest could inject executable code via libnss_dns.so loaded by libvirt_lxc before init]
 	RESERVED
-	- libvirt <undetermined>
+	- libvirt <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1541444
-	TODO: check, Red Hat does not provide much references
+	NOTE: https://libvirt.org/git/?p=libvirt.git;a=commit;h=759b4d1b0fe5f4d84d98b99153dfa7ac289dd167
 CVE-2018-6759 (The bfd_get_debug_link_info_1 function in opncls.c in the Binary File ...)
 	- binutils <unfixed>
 	[stretch] - binutils <ignored> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5d6e5da830b2b071f3e14c17eee8bfe79e9d6e28

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5d6e5da830b2b071f3e14c17eee8bfe79e9d6e28
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180207/1d4862c9/attachment-0001.html>
