[Git][security-tracker-team/security-tracker][master] Mark ming memory leaks ignored in wheezy

Sat May 26 05:05:19 BST 2018

Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker


Commits:
72c4115d by Hugo Lefeuvre at 2018-05-26T00:01:40-04:00
Mark ming memory leaks ignored in wheezy

Memory leaks are a very common issue in the Ming code base, and
affect the global structure and design of the different modules.
Since those are not very important issues (with high fix overhead),
they are not worth an update.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -8804,6 +8804,7 @@ CVE-2018-7870 (An invalid memory address dereference was discovered in getString
 	NOTE: https://github.com/libming/libming/issues/117
 CVE-2018-7869 (There is a memory leak triggered in the function dcinit of ...)
 	- ming <removed>
+	[wheezy] - ming <ignored> (Minor issue present everywhere in the source code, hard to fix)
 	NOTE: https://github.com/libming/libming/issues/119
 CVE-2018-7868 (There is a heap-based buffer over-read in the getName function of ...)
 	{DLA-1343-1}
@@ -47830,6 +47831,7 @@ CVE-2017-11706 (The Boozt Fashion application before 2.3.4 for Android allows re
 	NOT-FOR-US: Boozt Fashion application
 CVE-2017-11705 (A memory leak was found in the function parseSWF_SHAPEWITHSTYLE in ...)
 	- ming <removed>
+	[wheezy] - ming <ignored> (Minor issue present everywhere in the source code, hard to fix)
 	NOTE: https://github.com/libming/libming/issues/71
 CVE-2017-11704 (A heap-based buffer over-read was found in the function decompileIF in ...)
 	{DLA-1133-1}
@@ -47837,6 +47839,7 @@ CVE-2017-11704 (A heap-based buffer over-read was found in the function decompil
 	NOTE: https://github.com/libming/libming/issues/76
 CVE-2017-11703 (A memory leak vulnerability was found in the function parseSWF_DOACTION ...)
 	- ming <removed>
+	[wheezy] - ming <ignored> (Minor issue present everywhere in the source code, hard to fix)
 	NOTE: https://github.com/libming/libming/issues/72
 CVE-2017-11702
 	RESERVED



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/72c4115d8b88d55e8fb3ee028c32f363ba0f6a4e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/72c4115d8b88d55e8fb3ee028c32f363ba0f6a4e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180526/6792726f/attachment.html>
