[Git][security-tracker-team/security-tracker][master] Add bug reference for discount issues
Salvatore Bonaccorso
carnil at debian.org
Wed Jun 20 08:58:16 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
86cefd0c by Salvatore Bonaccorso at 2018-06-20T09:57:38+02:00
Add bug reference for discount issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -225,7 +225,7 @@ CVE-2018-12497
CVE-2018-12496
RESERVED
CVE-2018-12495 (The quoteblock function in markdown.c in libmarkdown.a in DISCOUNT ...)
- - discount <unfixed>
+ - discount <unfixed> (bug #901912)
NOTE: https://github.com/Orc/discount/issues/189#issuecomment-397541501
CVE-2018-12494 (An issue discovered in PublicCMS V4.0.20180210. There is a "Directory ...)
NOT-FOR-US: PublicCMS
@@ -2666,11 +2666,11 @@ CVE-2018-11506 (The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux
CVE-2018-11505 (The Werewolf Online application 0.8.8 for Android allows attackers to ...)
NOT-FOR-US: Werewolf Online application for Android
CVE-2018-11504 (The islist function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a ...)
- - discount <unfixed>
+ - discount <unfixed> (bug #901912)
NOTE: https://github.com/Orc/discount/issues/189#issuecomment-392247798
NOTE: POC: https://github.com/fCorleone/fuzz_programs/blob/master/discount/issue3_testcase
CVE-2018-11503 (The isfootnote function in markdown.c in libmarkdown.a in DISCOUNT ...)
- - discount <unfixed>
+ - discount <unfixed> (bug #901912)
NOTE: https://github.com/Orc/discount/issues/189#issuecomment-392247798
NOTE: POC: https://github.com/fCorleone/fuzz_programs/blob/master/discount/issue2_testcase
CVE-2018-11502
@@ -2758,7 +2758,7 @@ CVE-2018-11469 (Incorrect caching of responses to requests including an Authoriz
[jessie] - haproxy <not-affected> (Issue introduced in 1.8.0)
NOTE: https://git.haproxy.org/?p=haproxy-1.8.git;a=commit;h=17514045e5d934dede62116216c1b016fe23dd06
CVE-2018-11468 (The __mkd_trim_line function in mkdio.c in libmarkdown.a in DISCOUNT ...)
- - discount <unfixed>
+ - discount <unfixed> (bug #901912)
NOTE: https://github.com/Orc/discount/issues/189
NOTE: POC: https://github.com/fCorleone/fuzz_programs/blob/master/discount/issue1_testcase
CVE-2018-11467
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/86cefd0c94db1550c73438fb65fe6ec921b3e325
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/86cefd0c94db1550c73438fb65fe6ec921b3e325
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180620/7d47bf64/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list