[Git][security-tracker-team/security-tracker][master] Add CVE-2018-10897/yum-utils

Salvatore Bonaccorso carnil at debian.org
Thu Jul 12 07:35:14 BST 2018


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
39e7695a by Salvatore Bonaccorso at 2018-07-12T08:34:52+02:00
Add CVE-2018-10897/yum-utils

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -7636,8 +7636,10 @@ CVE-2018-10899
 CVE-2018-10898
 	RESERVED
 	- tripleo-heat-templates <removed>
-CVE-2018-10897
+CVE-2018-10897 [reposync: improper path validation may lead to directory traversal]
 	RESERVED
+	- yum-utils <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1600221
 CVE-2018-10896
 	RESERVED
 	NOT-FOR-US: Red Hat-specific packaging flaw of cloud-init default config



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/39e7695a99decc432b7ed5f23b4bfa5898a5f38d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/39e7695a99decc432b7ed5f23b4bfa5898a5f38d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180712/0563d611/attachment.html>


More information about the debian-security-tracker-commits mailing list