[Git][security-tracker-team/security-tracker][master] Add two libsass issues
Salvatore Bonaccorso
carnil at debian.org
Mon Nov 12 20:34:41 GMT 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
656c796e by Salvatore Bonaccorso at 2018-11-12T20:33:34Z
Add two libsass issues
As the reporter were quite unspecific only attaching a reproducer and
not reporting the issues to the upstream project (but rather just trown
in Red Hat bugzilla) mark those as undetermined until more clearity on
the status of the issues.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,9 @@
CVE-2018-19219 (In LibSaas 3.5-stable, there is an illegal address access at ...)
- TODO: check
+ - libsass <undetermined>
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1643760
CVE-2018-19218 (In LibSaas 3.5-stable, there is an illegal address access at ...)
- TODO: check
+ - libsass <undetermined>
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1643758
CVE-2018-19217 (In ncurses 6.1, there is a NULL pointer dereference at the function ...)
TODO: check
CVE-2018-19216 (Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/656c796e261f73850f4a93594b4e4072e03a0ba2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/656c796e261f73850f4a93594b4e4072e03a0ba2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181112/78cf6856/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list