[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Sort entries

Fri Feb 16 17:57:16 UTC 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8f12ef1c by Salvatore Bonaccorso at 2018-02-16T18:51:32+01:00
Sort entries

- - - - -
475059f8 by Salvatore Bonaccorso at 2018-02-16T18:56:42+01:00
Add CVE-2018-7186/leptonlib, #890548

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,6 @@
+CVE-2018-7186 [stack buffer overflows]
+	- leptonlib <unfixed> (bug #890548)
+	NOTE: https://github.com/DanBloomberg/leptonica/commit/ee301cb2029db8a6289c5295daa42bba7715e99a
 CVE-2018-7180
 	RESERVED
 CVE-2018-7179
@@ -8,8 +11,8 @@ CVE-2018-7177
 	RESERVED
 CVE-2018-7176 (FrontAccounting 2.4.3 suffers from a CSRF flaw, which leads to adding a user account via admin/users.php...)
 	- frontaccounting <removed> (bug #890604)
-	NOTE: https://securitywarrior9.blogspot.ca/2018/02/cross-site-request-forgery-front.html
 	[wheezy] - frontaccounting <end-of-life> (unsupported in wheezy, already vulnerable to SQL injection in CVE-2014-3973)
+	NOTE: https://securitywarrior9.blogspot.ca/2018/02/cross-site-request-forgery-front.html
 CVE-2018-7175 (An issue was discovered in xpdf 4.00. A NULL pointer dereference in ...)
 	- xpdf <undetermined>
 	NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=613



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/0a904f215e8c93727dac3d43abbd83922a8803e9...475059f83bc0bfb9f122837ab903e3e28d886afc

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/0a904f215e8c93727dac3d43abbd83922a8803e9...475059f83bc0bfb9f122837ab903e3e28d886afc
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180216/6e3fbcf5/attachment.html>
