[Git][security-tracker-team/security-tracker][master] CVEs assigned for libmspack issues

Salvatore Bonaccorso carnil at debian.org
Sat Jul 28 20:03:25 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3d5239b5 by Salvatore Bonaccorso at 2018-07-28T19:02:53Z
CVEs assigned for libmspack issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -21,19 +21,19 @@ CVE-2018-14669
 	RESERVED
 CVE-2018-14668
 	RESERVED
-CVE-2018-XXXX [off-by-one error in CHM PMGI/PMGL chunk number validity checks]
+CVE-2018-14679 [off-by-one error in CHM PMGI/PMGL chunk number validity checks]
 	- libmspack <unfixed> (bug #904802)
 	NOTE: https://github.com/kyz/libmspack/commit/72e70a921f0f07fee748aec2274b30784e1d312a
 	NOTE: http://www.openwall.com/lists/oss-security/2018/07/26/1
-CVE-2018-XXXX [libmspack now rejects blank CHM filenames]
+CVE-2018-14680 [libmspack now rejects blank CHM filenames]
 	- libmspack <unfixed> (bug #904801)
 	NOTE: https://github.com/kyz/libmspack/commit/72e70a921f0f07fee748aec2274b30784e1d312a
 	NOTE: http://www.openwall.com/lists/oss-security/2018/07/26/1
-CVE-2018-XXXX [Fix off-by-one error in chmd TOLOWER() fallback]
+CVE-2018-14682 [Fix off-by-one error in chmd TOLOWER() fallback]
 	- libmspack <unfixed> (bug #904800)
 	NOTE: https://github.com/kyz/libmspack/commit/4fd9ccaa54e1aebde1e4b95fb0163b699fd7bcc8
 	NOTE: http://www.openwall.com/lists/oss-security/2018/07/26/1
-CVE-2018-XXXX [kwaj_read_headers(): fix handling of non-terminated strings]
+CVE-2018-14681 [kwaj_read_headers(): fix handling of non-terminated strings]
 	- libmspack <unfixed> (bug #904799)
 	NOTE: https://github.com/kyz/libmspack/commit/0b0ef9344255ff5acfac6b7af09198ac9c9756c8
 	NOTE: http://www.openwall.com/lists/oss-security/2018/07/26/1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3d5239b5d07dc04b451686868ab045b27065418c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3d5239b5d07dc04b451686868ab045b27065418c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180728/4970463f/attachment.html>

More information about the debian-security-tracker-commits mailing list