[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-1000005 only affects stretch

Salvatore Bonaccorso carnil at debian.org
Fri Jan 26 12:11:38 UTC 2018


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
75b7fdda by Salvatore Bonaccorso at 2018-01-26T13:11:07+01:00
CVE-2018-1000005 only affects stretch

Do not add thus cross-reference as well for jessie-version fo the
CVE-2018-1000005 CVE id entry.

- - - - -


2 changed files:

- data/CVE/list
- data/DSA/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1499,6 +1499,7 @@ CVE-2018-5732
 	RESERVED
 CVE-2018-1000005 (libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in ...)
 	- curl 7.58.0-1
+	[stretch] - curl 7.52.1-5+deb9u4
 	[jessie] - curl <not-affected> (Vulnerable code introduce later)
 	[wheezy] - curl <not-affected> (Vulnerable code introduce later)
 	NOTE: https://github.com/curl/curl/pull/2231


=====================================
data/DSA/list
=====================================
--- a/data/DSA/list
+++ b/data/DSA/list
@@ -1,5 +1,5 @@
 [26 Jan 2018] DSA-4098-1 curl - security update
-	{CVE-2018-1000005 CVE-2018-1000007}
+	{CVE-2018-1000007}
 	[jessie] - curl 7.38.0-4+deb8u9
 	[stretch] - curl 7.52.1-5+deb9u4
 [25 Jan 2018] DSA-4097-1 poppler - security update



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/75b7fdda0d91e6e439e11357357971ec8d29dc41

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/75b7fdda0d91e6e439e11357357971ec8d29dc41
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180126/0ba1de09/attachment.html>


More information about the Secure-testing-commits mailing list