[Git][security-tracker-team/security-tracker][master] Add CVE-2018-19217/ncurses
Salvatore Bonaccorso
carnil at debian.org
Mon Nov 12 20:38:44 GMT 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
18bfb555 by Salvatore Bonaccorso at 2018-11-12T20:37:12Z
Add CVE-2018-19217/ncurses
Issue was only reported in Red Hat bugzilla for some reason even if it
does not even affect the version present in Fedora.
https://bugzilla.redhat.com/show_bug.cgi?id=1643753#c2 seem to make
clear that the issue was not yet reported upstream.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,7 +5,8 @@ CVE-2018-19218 (In LibSaas 3.5-stable, there is an illegal address access at ...
- libsass <undetermined>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1643758
CVE-2018-19217 (In ncurses 6.1, there is a NULL pointer dereference at the function ...)
- TODO: check
+ - ncurses <undetermined>
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1643753
CVE-2018-19216 (Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken ...)
TODO: check
CVE-2018-19215 (Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/18bfb555b78e821296fcf340e46dc5b8a5c925b2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/18bfb555b78e821296fcf340e46dc5b8a5c925b2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181112/07d4dae9/attachment.html>
More information about the debian-security-tracker-commits
mailing list