[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Update information for CVE-2018-7485
Salvatore Bonaccorso
carnil at debian.org
Tue Feb 27 06:05:39 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6582ee63 by Salvatore Bonaccorso at 2018-02-27T07:05:02+01:00
Update information for CVE-2018-7485
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -16,9 +16,12 @@ CVE-2018-7487 (There is a heap-based buffer overflow in the LoadPCX function of
CVE-2018-7486 (Blue River Mura CMS before v7.0.7029 supports inline function calls ...)
NOT-FOR-US: Blue River Mura CMS
CVE-2018-7485 (The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC ...)
- - unixodbc <unfixed>
+ - unixodbc <not-affected> (Vulnerable code introduced later)
NOTE: https://github.com/lurcher/unixODBC/commit/45ef78e037f578b15fc58938a3a3251655e71d6f#diff-d52750c7ba4e594410438569d8e2963aL24
- TODO: check
+ NOTE: Issue introduced with https://github.com/lurcher/unixODBC/commit/4f9f77fb4204659ec9b7be8745d9e05a539c80b9
+ NOTE: when actually fixing another potential (security) issue, "Buffer
+ NOTE: overflows and missing null checks in SQLConfigDataSource,
+ NOTE: SQLInstallDriverEx, and SQLWriteFileDSN"
CVE-2017-18201 (An issue was discovered in GNU libcdio before 2.0.0. There is a double ...)
TODO: check
CVE-2018-7484 (An issue was discovered in PureVPN through 5.19.4.0 on Windows. The ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6582ee63761cafdc78ae53dd66f063d8cc13655e
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6582ee63761cafdc78ae53dd66f063d8cc13655e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180227/1c494e4c/attachment.html>
More information about the Secure-testing-commits
mailing list