[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7262/ceph
Salvatore Bonaccorso
carnil at debian.org
Fri Feb 23 06:12:10 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6d515c82 by Salvatore Bonaccorso at 2018-02-23T07:11:47+01:00
Add CVE-2018-7262/ceph
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -461,8 +461,11 @@ CVE-2018-7263 (The mad_decoder_run() function in decoder.c in Underbit libmad th
NOTE: https://bugs.debian.org/870608
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1081784
TODO: clarify with MITRE why this CVE was additionally assigned
-CVE-2018-7262
+CVE-2018-7262 [Malformed HTTP requests handled in rgw_civetweb.cc:RGW::init_env() can lead to NULL pointer dereference]
RESERVED
+ - ceph <unfixed>
+ NOTE: Original pull request: https://github.com/ceph/ceph/pull/20403
+ NOTE: Superseeded by: https://github.com/ceph/ceph/pull/20488
CVE-2018-7261 (There are multiple Persistent XSS vulnerabilities in Radiant CMS ...)
NOT-FOR-US: Radiant CMS
CVE-2018-7260 (Cross-site scripting (XSS) vulnerability in db_central_columns.php in ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6d515c823d147ec6103b5caa87b120dc706c3f27
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6d515c823d147ec6103b5caa87b120dc706c3f27
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180223/0a5ce4e2/attachment.html>
More information about the Secure-testing-commits
mailing list