[Git][security-tracker-team/security-tracker][master] new vlc issue
Moritz Muehlenhoff
jmm at debian.org
Wed Jul 18 11:17:31 BST 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f1ac67dc by Moritz Muehlenhoff at 2018-07-18T12:17:08+02:00
new vlc issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -6964,8 +6964,9 @@ CVE-2018-11531 (Exiv2 0.26 has a heap-based buffer overflow in getData in previe
CVE-2018-11530
RESERVED
CVE-2018-11529 (VideoLAN VLC media player 2.2.x is prone to a use after free ...)
- TODO: check
- NOTE: Apparently fixed in 3.0.3, but should be doublechecked with upstream
+ - vlc 3.0.3-1
+ NOTE: https://github.com/videolan/vlc-3.0/commit/c472668ff873cfe29281822b4548715fb7bb0368
+ NOTE: https://github.com/videolan/vlc-3.0/commit/d2dadb37e7acc25ae08df71e563855d6e17b5b42
CVE-2018-11528 (WUZHI CMS 4.1.0 has SQL Injection via an api/sms_check.php?param= URI. ...)
NOT-FOR-US: WUZHI CMS
CVE-2018-11527 (An issue was discovered in CScms v4.1. A Cross-site request forgery ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f1ac67dc111d90aeb84029a260fee6f4c49cb76a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f1ac67dc111d90aeb84029a260fee6f4c49cb76a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180718/b3e34890/attachment.html>
More information about the debian-security-tracker-commits
mailing list