[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-16840,curl: Jessie is not affected.
Markus Koschany
apo at debian.org
Thu Nov 1 20:47:43 GMT 2018
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
64b24959 by Markus Koschany at 2018-11-01T20:46:03Z
CVE-2018-16840,curl: Jessie is not affected.
Vulnerable code was introduced later.
- - - - -
4c4be79f by Markus Koschany at 2018-11-01T20:46:49Z
Merge branch 'master' of salsa.debian.org:security-tracker-team/security-tracker
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4944,6 +4944,7 @@ CVE-2018-16841
CVE-2018-16840 (A heap use-after-free flaw was found in curl versions from 7.59.0 ...)
- curl 7.62.0-1
[stretch] - curl <not-affected> (Use-after-free issue introduced later)
+ [jessie] - curl <not-affected> (Use-after-free issue introduced later)
NOTE: https://curl.haxx.se/docs/CVE-2018-16840.html
NOTE: Fixed by: https://github.com/curl/curl/commit/81d135d67155c5295b1033679c606165d4e28f3f
NOTE: Introduced by: https://github.com/curl/curl/commit/b46cfbc068ebe90f18e9777b9e877e4934c1b5e3
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/a16934ea83ff06d66c4e3fd410b2d268c6953457...4c4be79fb8ff7a5166529c95bc2d548364671a54
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/a16934ea83ff06d66c4e3fd410b2d268c6953457...4c4be79fb8ff7a5166529c95bc2d548364671a54
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181101/1762a261/attachment.html>
More information about the debian-security-tracker-commits
mailing list