[Git][security-tracker-team/security-tracker][master] curl issues are fixed in sid
Alessandro Ghedini
ghedo at debian.org
Fri May 18 20:29:56 BST 2018
Alessandro Ghedini pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7dfa05e5 by Alessandro Ghedini at 2018-05-18T20:29:49+01:00
curl issues are fixed in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -949,11 +949,11 @@ CVE-2018-10803 (Cross-site scripting (XSS) vulnerability in the add credentials
CVE-2018-1000301 [RTSP bad headers buffer over-read]
RESERVED
{DSA-4202-1 DLA-1379-1}
- - curl <unfixed> (bug #898856)
+ - curl 7.60.0-1 (bug #898856)
NOTE: https://curl.haxx.se/docs/adv_2018-b138.html
CVE-2018-1000300 [FTP shutdown response buffer overflow]
RESERVED
- - curl <unfixed>
+ - curl 7.60.0-1
[stretch] - curl <not-affected> (Vulnerable code introduced in 7.54.1)
[jessie] - curl <not-affected> (Vulnerable code introduced in 7.54.1)
[wheezy] - curl <not-affected> (Vulnerable code introduced in 7.54.1)
@@ -8003,17 +8003,17 @@ CVE-2018-7889 (gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load
NOTE: aeb5b036a0bf657951756688b3c72bd68b6e4a7d.
CVE-2018-1000122 (A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 ...)
{DSA-4136-1 DLA-1309-1}
- - curl <unfixed> (bug #893546)
+ - curl 7.60.0-1 (bug #893546)
NOTE: https://curl.haxx.se/docs/adv_2018-b047.html
NOTE: https://curl.haxx.se/CVE-2018-1000122.patch
CVE-2018-1000121 (A NULL pointer dereference exists in curl 7.21.0 to and including curl ...)
{DSA-4136-1 DLA-1309-1}
- - curl <unfixed> (bug #893546)
+ - curl 7.60.0-1 (bug #893546)
NOTE: https://curl.haxx.se/docs/adv_2018-97a2.html
NOTE: https://curl.haxx.se/CVE-2018-1000121.patch
CVE-2018-1000120 (A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 ...)
{DSA-4136-1 DLA-1309-1}
- - curl <unfixed> (bug #893546)
+ - curl 7.60.0-1 (bug #893546)
NOTE: https://curl.haxx.se/docs/adv_2018-9cd6.html
NOTE: https://curl.haxx.se/CVE-2018-1000120.patch
CVE-2018-7888
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7dfa05e58ffa41e3b693116bb779bd1443caca99
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7dfa05e58ffa41e3b693116bb779bd1443caca99
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180518/df99d64e/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list