[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug references for irssi issues
Salvatore Bonaccorso
carnil at debian.org
Sat Feb 17 15:49:57 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dcb2709f by Salvatore Bonaccorso at 2018-02-17T16:48:53+01:00
Add bug references for irssi issues
Filled different bugs due to various affecting version ranges.
CVE-2018-7054 does only affect irssi starting from 1.0.0, CVE-2018-7053
only from 0.8.18.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -303,7 +303,7 @@ CVE-2018-7056 (RoomWizard before 4.4.x allows remote attackers to obtain potenti
CVE-2018-7055 (GroupViewProxyServlet in RoomWizard before 4.4.x allows SSRF via the ...)
NOT-FOR-US: RoomWizard
CVE-2018-7054 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. ...)
- - irssi <unfixed>
+ - irssi <unfixed> (bug #890674)
[jessie] - irssi <not-affected> (Vulnerable netsplit code introduced in 1.0.0)
[wheezy] - irssi <not-affected> (Vulnerable netsplit code introduced in 1.0.0)
NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
@@ -314,21 +314,21 @@ CVE-2018-7054 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.
NOTE: https://github.com/irssi/irssi/commit/a4f99ae746efb121185fe76c392a64d743a9eb92
NOTE: But the CVE is specifically for the use-after-free issue.
CVE-2018-7053 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. ...)
- - irssi <unfixed>
+ - irssi <unfixed> (bug #890675)
[jessie] - irssi <not-affected> (Vulnerable code introduced in 0.8.18)
[wheezy] - irssi <not-affected> (Vulnerable code introduced in 0.8.18)
NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
NOTE: Fixed by: https://github.com/irssi/irssi/commit/84f03e01467b90a4251987b32b2813ee976b357c
CVE-2018-7052 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. ...)
- - irssi <unfixed>
+ - irssi <unfixed> (bug #890676)
NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
NOTE: Fixed by: https://github.com/irssi/irssi/commit/5b5bfef03596d95079c728f65f523570dd7b03aa
CVE-2018-7051 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. ...)
- - irssi <unfixed>
+ - irssi <unfixed> (bug #890677)
NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
NOTE: Fixed by: https://github.com/irssi/irssi/commit/e32e9d63c67ab95ef0576154680a6c52334b97af
CVE-2018-7050 (An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. A ...)
- - irssi <unfixed>
+ - irssi <unfixed> (bug #890678)
NOTE: https://irssi.org/security/irssi_sa_2018_02.txt
NOTE: Fixed by: https://github.com/irssi/irssi/commit/e91da9e4098e449dc36eaa15354aff67650e7703
CVE-2017-18189 (In the startread function in xa.c in Sound eXchange (SoX) through ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/dcb2709f84b59d97d90225d431c4cd7858eb80c4
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/dcb2709f84b59d97d90225d431c4cd7858eb80c4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180217/2736a47b/attachment.html>
More information about the Secure-testing-commits
mailing list