[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-5345/gcab
Salvatore Bonaccorso
carnil at debian.org
Fri Jan 12 07:59:59 UTC 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2dc59f93 by Salvatore Bonaccorso at 2018-01-12T08:59:32+01:00
Add CVE-2018-5345/gcab
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3,6 +3,9 @@ CVE-2018-1000001 [Libc Realpath Buffer Underflow]
- eglibc <removed>
NOTE: http://www.openwall.com/lists/oss-security/2018/01/11/5
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=18203
+CVE-2018-5345 [Extracting malformed .cab files causes stack smashing potentially leading to arbitrary code exectuion]
+ - gcab <unfixed>
+ TODO: Asked Red Hat if providing more information possible, https://bugzilla.redhat.com/show_bug.cgi?id=1527296#c6
CVE-2018-5344
RESERVED
CVE-2018-5343
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2dc59f938945360d8596aba26339e0ef8d040c58
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2dc59f938945360d8596aba26339e0ef8d040c58
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180112/9c9c163f/attachment.html>
More information about the Secure-testing-commits
mailing list