[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: clamav: add data for a CVE

Sebastian Siewior bigeasy at debian.org
Sun Mar 4 21:13:15 UTC 2018 

Sebastian Siewior pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8d14b2a4 by Sebastian Andrzej Siewior at 2018-03-04T22:12:11+01:00
clamav: add data for a CVE

Information collected from git + bugzilla. No public announcement has
been made (yet).

Signed-off-by: Sebastian Andrzej Siewior <sebastian at breakpoint.cc>

- - - - -
6bad3383 by Sebastian Andrzej Siewior at 2018-03-04T22:13:07+01:00
Merge branch 'master' of salsa.debian.org:security-tracker-team/security-tracker

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -20510,8 +20510,18 @@ CVE-2018-0204 (A vulnerability in the web portal of the Cisco Prime Collaboratio
 	NOT-FOR-US: Cisco
 CVE-2018-0203 (A vulnerability in the SMTP relay of Cisco Unity Connection could allow ...)
 	NOT-FOR-US: Cisco
-CVE-2018-0202
+CVE-2018-0202 [Out-of-bounds access in the PDF parser]
 	RESERVED
+	- clamav <unfixed>
+	[stretch] - clamav <no-dsa> (clamav is updated via -updates)
+	[jessie] - clamav <no-dsa> (clamav is updated via -updates)
+	NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11973
+	NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=11980
+	NOTE: https://github.com/Cisco-Talos/clamav-devel/commit/87aaa10b29476958f5bf54b6119a133069f944fc
+	NOTE: https://github.com/Cisco-Talos/clamav-devel/commit/700ed96af56077cb1a9bff7b91d21db112f6465d
+	NOTE: https://github.com/Cisco-Talos/clamav-devel/commit/0df2fedf2805e574512c486b32a0fff4ed394560
+	NOTE: https://github.com/Cisco-Talos/clamav-devel/commit/495fce917445063d519f14b0009cee025f817bc3
+	NOTE: https://github.com/Cisco-Talos/clamav-devel/commit/99eadf7a9ad351210165312362d1f32b77c6f857
 CVE-2018-0201 (A vulnerability in Cisco Jabber Client Framework (JCF) could allow an ...)
 	NOT-FOR-US: Cisco
 CVE-2018-0200 (A vulnerability in the web-based interface of Cisco Prime Service ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/2d977f8d73d602323c9624976b9521cb94f07063...6bad3383c33af6d83f24cd6ec920b6392cc919ae

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/2d977f8d73d602323c9624976b9521cb94f07063...6bad3383c33af6d83f24cd6ec920b6392cc919ae
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180304/d1bc2b5c/attachment.html>

More information about the Secure-testing-commits mailing list