[Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000180/bouncycastle
Salvatore Bonaccorso
carnil at debian.org
Tue Jun 5 21:22:57 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b4cad689 by Salvatore Bonaccorso at 2018-06-05T22:22:32+02:00
Add CVE-2018-1000180/bouncycastle
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1246,7 +1246,12 @@ CVE-2018-11320 (In Octopus Deploy 2018.4.4 through 2018.5.1, Octopus variables t
CVE-2018-1000181 (Kitura 2.3.0 and earlier have an unintended read access to ...)
TODO: check
CVE-2018-1000180 (Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier ...)
- TODO: check
+ - bouncycastle <unfixed>
+ [jessie] - bouncycastle <not-affected> (Issue introduced in 1.54)
+ NOTE: Fixed by: https://github.com/bcgit/bc-java/commit/22467b6e8fe19717ecdf201c0cf91bacf04a55ad
+ NOTE: Fixed by: https://github.com/bcgit/bc-java/commit/73780ac522b7795fc165630aba8d5f5729acc839
+ NOTE: Introduced by: https://github.com/bcgit/bc-java/commit/a47c9eff26101f2969bb2a9627ca721b135c9d47
+ NOTE: https://www.bouncycastle.org/jira/browse/BJA-694
CVE-2018-11318
RESERVED
CVE-2018-11317
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b4cad68922893fcb2db7774baa58b97f5134b883
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b4cad68922893fcb2db7774baa58b97f5134b883
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180605/9cded5fc/attachment.html>
More information about the debian-security-tracker-commits
mailing list