[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2017-18269, git-fixes updates in 2.27-3 includes fix
Salvatore Bonaccorso
carnil at debian.org
Fri May 18 21:26:32 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c1ac7c0a by Salvatore Bonaccorso at 2018-05-18T22:26:18+02:00
Add CVE-2017-18269, git-fixes updates in 2.27-3 includes fix
- - - - -
9fd0943b by Salvatore Bonaccorso at 2018-05-18T22:26:18+02:00
CVE-2018-11125 was rejected by the assigning CNA, cleanup entry
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -65,7 +65,10 @@ CVE-2017-18272 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-25, there is a ...)
CVE-2017-18271 (In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop ...)
TODO: check
CVE-2017-18269 (An SSE2-optimized memmove implementation for i386 in ...)
- TODO: check
+ - glibc 2.27-3
+ - eglibc <removed>
+ NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22644
+ NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=cd66c0e584c6d692bc8347b5e72723d02b8a8ada
CVE-2018-11232 (The etm_setup_aux function in ...)
- linux <not-affected> (Vulnerable code never present in unstable)
NOTE: Fixed by: https://git.kernel.org/linus/f09444639099584bc4784dfcd85ada67c6f33e0f
@@ -314,7 +317,6 @@ CVE-2018-11126 (dg-user/?controller=users&action=add in doorGets 7.0 has CSR
NOT-FOR-US: doorGets
CVE-2018-11125
REJECTED
- NOT-FOR-US: Tencent RapidJSON
CVE-2018-11124
RESERVED
CVE-2018-11123
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/742717ab0136940f792535bd849960e6bf203f7a...9fd0943b49d0c3d247483fbeee5c990bebff55c2
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/742717ab0136940f792535bd849960e6bf203f7a...9fd0943b49d0c3d247483fbeee5c990bebff55c2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180518/c567ad3e/attachment.html>
More information about the debian-security-tracker-commits
mailing list