[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8098/libgit2

Salvatore Bonaccorso carnil at debian.org
Wed Mar 14 20:58:22 UTC 2018


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3f67e0b3 by Salvatore Bonaccorso at 2018-03-14T21:58:00+01:00
Add CVE-2018-8098/libgit2

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -22,7 +22,9 @@ CVE-2018-8099 (Incorrect returning of an error code in the index.c:read_entry() 
 	- libgit2 <unfixed>
 	NOTE: https://github.com/libgit2/libgit2/commit/58a6fe94cb851f71214dbefac3f9bffee437d6fe
 CVE-2018-8098 (Integer overflow in the index.c:read_entry() function while ...)
-	TODO: check
+	- libgit2 <unfixed>
+	NOTE: https://github.com/libgit2/libgit2/commit/3207ddb0103543da8ad2139ec6539f590f9900c1
+	NOTE: https://github.com/libgit2/libgit2/commit/3db1af1f370295ad5355b8f64b865a2a357bcac0
 CVE-2018-8097
 	RESERVED
 CVE-2018-8096 (Datalust Seq before 4.2.605 is vulnerable to Authentication Bypass ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3f67e0b3eca252868cf69c1cc79c348165c9c2cf

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3f67e0b3eca252868cf69c1cc79c348165c9c2cf
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180314/58707b13/attachment-0001.html>


More information about the Secure-testing-commits mailing list