[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Mon Jun 11 09:10:22 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d864b382 by security tracker role at 2018-06-11T08:10:14+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -3,7 +3,7 @@ CVE-2018-XXXX [bug in the get_missing_events federation API where event visibili
NOTE: https://github.com/matrix-org/synapse/pull/3371
NOTE: https://github.com/matrix-org/synapse/commit/0834b49c6a9b6c597a154d4b2dfcf8fff90699ec
NOTE: https://matrix.org/blog/2018/06/08/synapse-0-31-1-released/
-CVE-2018-12088 [bug in checksumming function; prone to replay attacks]
+CVE-2018-12088 (S3QL before 2.27 mishandles checksumming, and consequently allows ...)
- s3ql 2.27.1+dfsg-1
NOTE: https://groups.google.com/forum/#!topic/s3ql/4TzCVIMkA4o
NOTE: https://bitbucket.org/nikratio/s3ql/commits/85aba5c2d5c81453a73a50ed638adaeef0521020
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d864b382def0406b1058b7b8df2e842bc7f6b9f5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d864b382def0406b1058b7b8df2e842bc7f6b9f5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180611/caf8bc1b/attachment.html>
More information about the debian-security-tracker-commits
mailing list