[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1054/389-ds-base

Mon Mar 5 20:25:03 UTC 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
24f28d4b by Salvatore Bonaccorso at 2018-03-05T21:24:36+01:00
Add CVE-2018-1054/389-ds-base

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -17879,8 +17879,11 @@ CVE-2018-1056 [heap buffer overflow while running advzip]
 	NOTE: https://github.com/amadvance/advancecomp/commit/7deeafc02b29cc51d51079e66f4f43f986ff9cc5
 CVE-2018-1055
 	REJECTED
-CVE-2018-1054
+CVE-2018-1054 [remote Denial of Service (DoS) via search filters in SetUnicodeStringFromUTF_8 in collate.c]
 	RESERVED
+	- 389-ds-base <unfixed>
+	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1537314
+	NOTE: https://pagure.io/389-ds-base/issue/49545
 CVE-2018-1053 (In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before ...)
 	{DLA-1271-1}
 	- postgresql-10 10.2-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/24f28d4b554b096f5f4f81b23de83e224e0d039e

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/24f28d4b554b096f5f4f81b23de83e224e0d039e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180305/df9ec241/attachment.html>
