[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-1000140/librelp assigned

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a1c4c370 by Salvatore Bonaccorso at 2018-03-24T20:41:32+01:00
CVE-2018-1000140/librelp assigned

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -37,7 +37,8 @@ CVE-2018-8947
 CVE-2018-1000141 (I, Librarian version 4.9 and earlier contains an Incorrect Access ...)
 	TODO: check
 CVE-2018-1000140 (rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow ...)
-	TODO: check
+	- librelp <unfixed>
+	NOTE: Fixed by: https://github.com/rsyslog/librelp/commit/2cfe657672636aa5d7d2a14cfcb0a6ab9d1f00cf
 CVE-2018-1000139 (I, Librarian version 4.8 and earlier contains a Cross Site Scripting ...)
 	TODO: check
 CVE-2018-1000138 (I, Librarian version 4.8 and earlier contains a SSRF vulnerability in ...)
@@ -438,9 +439,6 @@ CVE-2018-8778
 	RESERVED
 CVE-2018-8777
 	RESERVED
-CVE-2018-XXXX [unify error message generation]
-	- librelp <unfixed>
-	- rsyslog <unfixed>
 	NOTE: Patch https://github.com/rsyslog/librelp/commit/2cfe657672636aa5d7d2a14cfcb0a6ab9d1f00cf
 CVE-2018-XXXX [Multiple vulnerabilities in CiviCRM]
 	- civicrm 4.7.30+dfsg-1 (bug #887330)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a1c4c37085a2704351c9bf2254f813981a696488

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a1c4c37085a2704351c9bf2254f813981a696488
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180324/c1637731/attachment-0001.html>