[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Start tracking five new freexl issues fixed upstream in 1.0.5
Salvatore Bonaccorso
carnil at debian.org
Fri Feb 23 06:06:09 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fbbbd806 by Salvatore Bonaccorso at 2018-02-23T07:04:46+01:00
Start tracking five new freexl issues fixed upstream in 1.0.5
Needs clarification if CVEs were requested. According to the comments in
the respective Fedora/Red Hat Bugzilla this might not have been the case
yet.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,18 @@
+CVE-2018-XXXX [heap-buffer-overflow in freexl.c:3912 read_mini_biff_next_record]
+ - freexl 1.0.5-1
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1547892
+CVE-2018-XXXX [heap-buffer-overflow in freexl.c:383 parse_unicode_string]
+ - freexl 1.0.5-1
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1547889
+CVE-2018-XXXX [heap-buffer-overflow in freexl.c:1866 parse_SST]
+ - freexl 1.0.5-1
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1547885
+CVE-2018-XXXX [heap-buffer-overflow in freexl.c:1805 parse_SST parse_SST]
+ - freexl 1.0.5-1
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1547883
+CVE-2018-XXXX [heap-buffer-overflow in freexl::destroy_cell]
+ - freexl 1.0.5-1
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1547879
CVE-2018-7415
RESERVED
CVE-2018-7414
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fbbbd8063e456d2389467e8d9b070e740a05a9ff
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/fbbbd8063e456d2389467e8d9b070e740a05a9ff
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180223/5de30e81/attachment-0001.html>
More information about the Secure-testing-commits
mailing list