[Git][security-tracker-team/security-tracker][master] new p7zip-rar issue
Moritz Muehlenhoff
jmm at debian.org
Thu May 3 22:12:16 BST 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
071180fd by Moritz Muehlenhoff at 2018-05-03T23:11:52+02:00
new p7zip-rar issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1458,7 +1458,11 @@ CVE-2018-10117 (An issue was discovered in idreamsoft iCMS V7.0.7. There is a CS
CVE-2018-10116
RESERVED
CVE-2018-10115 (Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 ...)
- TODO: check
+ - p7zip-rar <unfixed>
+ [stretch] - p7zip-rar <no-dsa> (Non-free not supported)
+ [jessie] - p7zip-rar <no-dsa> (Non-free not supported)
+ NOTE: https://landave.io/2018/05/7-zip-from-uninitialized-memory-to-remote-code-execution/
+ NOTE: https://sourceforge.net/p/sevenzip/discussion/45797/thread/adc65bfa/
CVE-2018-10114 (An issue was discovered in GEGL through 0.3.32. The ...)
- gegl 0.3.34-1
[wheezy] - gegl <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/071180fda9b29f626314e3d65d5a59daea5920ee
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/071180fda9b29f626314e3d65d5a59daea5920ee
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180503/ec2da052/attachment.html>
More information about the debian-security-tracker-commits
mailing list