[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Update libreoffice CVE, one should be rejected (asked MITRE)

Salvatore Bonaccorso carnil at debian.org
Fri Feb 9 09:15:48 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bab3967e by Salvatore Bonaccorso at 2018-02-09T10:15:23+01:00
Update libreoffice CVE, one should be rejected (asked MITRE)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -5,7 +5,9 @@ CVE-2018-6872 (The elf_parse_notes function in elf.c in the Binary File Descript
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22788
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commit;h=ef135d4314fd4c2d7da66b9d7b59af4a85b0f7e6
 CVE-2018-6871 (LibreOffice through 6.0.1 allows remote attackers to read arbitrary ...)
-	TODO: check
+	- libreoffice 1:6.0.1-1
+	NOTE: https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure
+	NOTE: Duplicate of CVE-2018-1055
 CVE-2018-6870
 	RESERVED
 CVE-2018-6869 (In ZZIPlib 0.13.68, there is an uncontrolled memory allocation and a ...)
@@ -15253,6 +15255,8 @@ CVE-2018-1055
 	RESERVED
 	- libreoffice 1:6.0.1-1
 	NOTE: https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure
+	NOTE: Duplicate of CVE-2018-6871
+	TODO: Ask MITRE to reject
 CVE-2018-1054
 	RESERVED
 CVE-2018-1053 [Ensure that all temp files made during pg_upgrade are non-world-readable]



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bab3967e20b74f379a816b0b79db53e3ee0f32f2

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bab3967e20b74f379a816b0b79db53e3ee0f32f2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180209/e1a6b41e/attachment-0001.html>

More information about the Secure-testing-commits mailing list