[Git][security-tracker-team/security-tracker][master] 3 commits: Triage CVE-2018-19105 (librecad) for jessie LTS.

Chris Lamb lamby at debian.org
Fri Nov 9 08:30:25 GMT 2018 

Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker


Commits:
382d27e2 by Chris Lamb at 2018-11-09T08:27:26Z
Triage CVE-2018-19105 (librecad) for jessie LTS.

- - - - -
e3a033c1 by Chris Lamb at 2018-11-09T08:29:03Z
Triage CVE-2018-1000810 (rustc) for jessie LTS.

- - - - -
45164950 by Chris Lamb at 2018-11-09T08:29:45Z
Triage CVE-2018-1000622 (rustc) for jessie LTS.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -41,6 +41,7 @@ CVE-2018-19106
 	RESERVED
 CVE-2018-19105 (LibreCAD 2.1.3 allows remote attackers to cause a denial of service ...)
 	- librecad <unfixed>
+	[jessie] - librecad <no-dsa> (Minor issue)
 	[stretch] - librecad <no-dsa> (Minor issue)
 	NOTE: https://code610.blogspot.com/2018/11/crashing-librecad-213.html
 CVE-2018-19104 (In BageCMS 3.1.3, upload/index.php has a CSRF vulnerability that can be ...)
@@ -2651,6 +2652,7 @@ CVE-2018-18056
 	RESERVED
 CVE-2018-1000810 (The Rust Programming Language Standard Library version 1.29.0, 1.28.0, ...)
 	- rustc <unfixed>
+	[jessie] - rustc <not-affected> (Vulnerable code not present)
 	[stretch] - rustc <ignored> (Can be fixed along in future rustc update for ESR68)
 	NOTE: https://blog.rust-lang.org/2018/09/21/Security-advisory-for-std.html
 	NOTE: https://groups.google.com/forum/#!topic/rustlang-security-announcements/CmSuTm-SaU0
@@ -13369,6 +13371,7 @@ CVE-2018-1000611 (SURFnet OpenConext EngineBlock version 5.7.0 to 5.7.3 contains
 	NOT-FOR-US: SURFnet OpenConext EngineBlock
 CVE-2018-1000622 (The Rust Programming Language rustdoc version Between 0.8 and 1.27.0 ...)
 	- rustc 1.27.1+dfsg1-1~exp1
+	[jessie] - rustc <ignored> (Minor issue)
 	[stretch] - rustc <ignored> (Minor issue, can be fixed along in future rustc update for ESR69)
 	NOTE: https://groups.google.com/forum/#!topic/rustlang-security-announcements/4ybxYLTtXuM
 CVE-2018-13787 (Certain Supermicro X11S, X10, X9, X8SI, K1SP, C9X299, C7, B1, A2, and ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/bb4b0558e7fdf8468c4ca04369b6971c0fab12d3...45164950134b563de3f1bada11e3ac14b2af2031

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/bb4b0558e7fdf8468c4ca04369b6971c0fab12d3...45164950134b563de3f1bada11e3ac14b2af2031
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181109/6aeacd12/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list