[Git][security-tracker-team/security-tracker][master] 3 commits: Add additional reference to review commit for CVE-2018-14652

Sun Nov 4 07:13:12 GMT 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
98db024d by Salvatore Bonaccorso at 2018-11-04T06:55:40Z
Add additional reference to review commit for CVE-2018-14652

- - - - -
8577f208 by Salvatore Bonaccorso at 2018-11-04T07:00:20Z
Add icecast2 to dsa-needed

- - - - -
2552ba3b by Salvatore Bonaccorso at 2018-11-04T07:12:45Z
Add bug reference for exiv2 issue

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2018-18915 (There is an infinite loop in the Exiv2::Image::printIFDStructure ...)
-	[experimental] - exiv2 <unfixed>
+	[experimental] - exiv2 <unfixed> (bug #912828)
 	- exiv2 <not-affected> (Vulnerable code introduced later)
 	NOTE: https://github.com/Exiv2/exiv2/issues/511
 CVE-2018-18914
@@ -10448,6 +10448,7 @@ CVE-2018-14652 (The Gluster file system through versions 3.12 and 4.1.4 is vulne
 	NOTE: https://www.openwall.com/lists/oss-security/2018/10/31/5
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1632974
 	NOTE: https://review.gluster.org/#/c/glusterfs/+/21535/
+	NOTE: http://git.gluster.org/cgit/glusterfs.git/commit/?id=e2c195712a9ecbda4fa02f5308138a1257a2558a
 CVE-2018-14651 (It was found that the fix for CVE-2018-10927, CVE-2018-10928, ...)
 	{DLA-1565-1}
 	- glusterfs <unfixed>


=====================================
data/dsa-needed.txt
=====================================
@@ -26,6 +26,8 @@ glusterfs
 --
 gnutls28
 --
+icecast2 (jmm)
+--
 libidn
   santiago proposed debdiffs for jessie and stretch
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/b2cb3bb58747bbee679c97b729e5071dbe23bed6...2552ba3b2fe33f5f0012c603ddf713137317971b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/b2cb3bb58747bbee679c97b729e5071dbe23bed6...2552ba3b2fe33f5f0012c603ddf713137317971b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181104/8f020997/attachment.html>
