[Git][security-tracker-team/security-tracker][master] bird no-dsa

Moritz Muehlenhoff jmm at debian.org
Fri Jun 8 12:57:57 BST 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0db0b448 by Moritz Muehlenhoff at 2018-06-08T13:57:27+02:00
bird no-dsa
one im issue n/a

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -468,7 +468,9 @@ CVE-2018-11816
 CVE-2018-11815
 	RESERVED
 CVE-2018-XXXX [Stack overflow in BGP mask expressions]
-	- bird 1.6.4-1 (bug #900967)
+	- bird 1.6.4-1 (low; bug #900967)
+	[stretch] - bird <no-dsa> (Minor issue)
+	[jessie] - bird <no-dsa> (Minor issue)
 	NOTE: https://gitlab.labs.nic.cz/labs/bird/blob/v1.6.4/NEWS#L11
 	NOTE: Fixed by: https://gitlab.labs.nic.cz/labs/bird/commit/e8bc64e308586b6502090da2775af84cd760ed0d
 CVE-2018-1002204 [nodejs-adm-zip: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file]
@@ -2049,6 +2051,8 @@ CVE-2017-18273 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop 
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/b8fcb59e9e1d1189caf2e0f5e39346944dcd6b9d
 CVE-2017-18272 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-25, there is a ...)
 	- imagemagick 8:6.9.9.34+dfsg-3
+	[stretch] - imagemagick <not-affected> (Vulnerable code not present)
+	[jessie] - imagemagick <not-affected> (Vulnerable code not present)
 	[wheezy] - imagemagick <not-affected> (vulnerable code not present)
 	NOTE: https://github.com/ImageMagick/ImageMagick/issues/918
 	NOTE: https://github.com/ImageMagick/ImageMagick/commit/93d029b70ac766ce0b5d7261a2dd334535f48038



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0db0b44891e7fe5c365b2175c976fc153b8d22bb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0db0b44891e7fe5c365b2175c976fc153b8d22bb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180608/6d005d6c/attachment.html>

More information about the debian-security-tracker-commits mailing list