[Git][security-tracker-team/security-tracker][master] two additional bibutils issues
Moritz Muehlenhoff
jmm at debian.org
Mon May 7 14:10:33 BST 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
403682f0 by Moritz Muehlenhoff at 2018-05-07T15:09:59+02:00
two additional bibutils issues
new exiv issue (exp only)
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -44,11 +44,15 @@ CVE-2018-10775 (NULL pointer dereference in the _fields_add function in fields.c
- bibutils <unfixed> (unimportant)
NOTE: Crash in CLI tool, no security impact
CVE-2018-10774 (Read access violation in the isiin_keyword function in isiin.c in ...)
- TODO: check
+ - bibutils <unfixed> (unimportant)
+ NOTE: Crash in CLI tool, no security impact
CVE-2018-10773 (NULL pointer deference in the addsn function in serialno.c in ...)
- TODO: check
+ - bibutils <unfixed> (unimportant)
+ NOTE: Crash in CLI tool, no security impact
CVE-2018-10772 (The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows ...)
- TODO: check
+ [experimental] - exiv2 <unfixed>
+ - exiv2 <not-affected> (Vulnerable code introduced after 0.25)
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1566260
CVE-2018-10771 (Stack-based buffer overflow in the get_key function in parse.c in ...)
- abcm2ps <unfixed> (unimportant)
NOTE: https://github.com/leesavide/abcm2ps/issues/17
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/403682f04b1cb8f17640a8f1b75927bb954ea940
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/403682f04b1cb8f17640a8f1b75927bb954ea940
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180507/5604139e/attachment.html>
More information about the debian-security-tracker-commits
mailing list