[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-7408/npm as not-affected
Salvatore Bonaccorso
carnil at debian.org
Fri Feb 23 09:14:50 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ae2b9a60 by Salvatore Bonaccorso at 2018-02-23T10:14:07+01:00
Mark CVE-2018-7408/npm as not-affected
The isuse was introduced in
https://github.com/npm/npm/commit/94227e15eeced836b3d7b3d2b5e5cc41d4959cff
and reverted with the commit
https://github.com/npm/npm/commit/74e149da6efe6ed89477faa81fef08eee7999ad0
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -42,7 +42,7 @@ CVE-2018-7410
CVE-2018-7409 (In unixODBC before 2.3.5, there is a buffer overflow in the ...)
- unixodbc <unfixed>
CVE-2018-7408 (An issue was discovered in an npm 5.7.0 2018-02-21 pre-release (marked ...)
- TODO: check
+ - npm <not-affected> (Vulnerable code introduced later)
CVE-2018-7407
RESERVED
CVE-2018-7406
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ae2b9a606944c6a288e0bf9d4eafa1afea173bd8
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ae2b9a606944c6a288e0bf9d4eafa1afea173bd8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180223/0da5fd2f/attachment.html>
More information about the Secure-testing-commits
mailing list