[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] cimg no-dsa
Moritz Muehlenhoff
jmm at debian.org
Mon Mar 12 19:15:09 UTC 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7353a47a by Moritz Muehlenhoff at 2018-03-12T20:14:44+01:00
cimg no-dsa
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1080,22 +1080,32 @@ CVE-2018-7642 (The swap_std_reloc_in function in aoutx.h in the Binary File Desc
NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=116acb2c268c89c89186673a7c92620d21825b25
CVE-2018-7641 (An issue was discovered in CImg v.220. A heap-based buffer over-read in ...)
- cimg <unfixed>
+ [stretch] - cimg <no-dsa> (Minor issue)
+ [jessie] - cimg <no-dsa> (Minor issue)
NOTE: https://github.com/dtschump/CImg/issues/185
NOTE: https://github.com/dtschump/CImg/commit/10af1e8c1ad2a58a0a3342a856bae63e8f257abb
CVE-2018-7640 (An issue was discovered in CImg v.220. A heap-based buffer over-read in ...)
- cimg <unfixed>
+ [stretch] - cimg <no-dsa> (Minor issue)
+ [jessie] - cimg <no-dsa> (Minor issue)
NOTE: https://github.com/dtschump/CImg/issues/185
NOTE: https://github.com/dtschump/CImg/commit/10af1e8c1ad2a58a0a3342a856bae63e8f257abb
CVE-2018-7639 (An issue was discovered in CImg v.220. A heap-based buffer over-read in ...)
- cimg <unfixed>
+ [stretch] - cimg <no-dsa> (Minor issue)
+ [jessie] - cimg <no-dsa> (Minor issue)
NOTE: https://github.com/dtschump/CImg/issues/185
NOTE: https://github.com/dtschump/CImg/commit/10af1e8c1ad2a58a0a3342a856bae63e8f257abb
CVE-2018-7638 (An issue was discovered in CImg v.220. A heap-based buffer over-read in ...)
- cimg <unfixed>
+ [stretch] - cimg <no-dsa> (Minor issue)
+ [jessie] - cimg <no-dsa> (Minor issue)
NOTE: https://github.com/dtschump/CImg/issues/185
NOTE: https://github.com/dtschump/CImg/commit/10af1e8c1ad2a58a0a3342a856bae63e8f257abb
CVE-2018-7637 (An issue was discovered in CImg v.220. A heap-based buffer over-read in ...)
- cimg <unfixed>
+ [stretch] - cimg <no-dsa> (Minor issue)
+ [jessie] - cimg <no-dsa> (Minor issue)
NOTE: https://github.com/dtschump/CImg/issues/185
NOTE: https://github.com/dtschump/CImg/commit/10af1e8c1ad2a58a0a3342a856bae63e8f257abb
CVE-2018-7636
@@ -1194,14 +1204,20 @@ CVE-2018-7590 (CSRF exists in Hoosk 1.7.0 via /admin/users/new/add, resulting in
NOT-FOR-US: Hoosk
CVE-2018-7589 (An issue was discovered in CImg v.220. A double free in load_bmp in ...)
- cimg <unfixed>
+ [stretch] - cimg <no-dsa> (Minor issue)
+ [jessie] - cimg <no-dsa> (Minor issue)
NOTE: https://github.com/dtschump/CImg/issues/184
NOTE: https://github.com/dtschump/CImg/commit/8447076ef22322a14a0ce130837e44c5ba8095f4
CVE-2018-7588 (An issue was discovered in CImg v.220. A heap-based buffer over-read in ...)
- cimg <unfixed>
+ [stretch] - cimg <no-dsa> (Minor issue)
+ [jessie] - cimg <no-dsa> (Minor issue)
NOTE: https://github.com/dtschump/CImg/issues/183
NOTE: https://github.com/dtschump/CImg/commit/8447076ef22322a14a0ce130837e44c5ba8095f4
CVE-2018-7587 (An issue was discovered in CImg v.220. DoS occurs when loading a ...)
- cimg <unfixed>
+ [stretch] - cimg <no-dsa> (Minor issue)
+ [jessie] - cimg <no-dsa> (Minor issue)
TODO: check, not reported upstream
CVE-2018-7586 (In the nextgen-gallery plugin before 2.2.50 for WordPress, gallery ...)
NOT-FOR-US: nextgen-gallery plugin for WordPress
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7353a47a7a374dec77eec2abf0aa431308150a24
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7353a47a7a374dec77eec2abf0aa431308150a24
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180312/9e1ed587/attachment.html>
More information about the Secure-testing-commits
mailing list