[Git][security-tracker-team/security-tracker][master] Add tracking of mongo-c-driver for CVE-2018-16790

Sat Nov 17 23:07:07 GMT 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
df570dc1 by Salvatore Bonaccorso at 2018-11-17T23:01:28Z
Add tracking of mongo-c-driver for CVE-2018-16790

In future src:libbson should/will be disaprear, as upstream has decided
to not maintain the different libraries in different source packages,
libbson will uniquely come from src:mongo-c-driver.

In fact for unstable, src:libbson provides a libbson-1.0-0 binary
package, and as well src:mongo-c-driver, the one from src:mongo-c-driver
actually already superseeding the one from src:libbson due to the higher
version number.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6528,6 +6528,7 @@ CVE-2018-16791
 CVE-2018-16790 (_bson_iter_next_internal in bson-iter.c in libbson 1.12.0, as used in ...)
 	- libbson <unfixed> (bug #913896)
 	[stretch] - libbson <no-dsa> (Minor issue)
+	- mongo-c-driver <unfixed> (bug #913963)
 	NOTE: https://jira.mongodb.org/browse/CDRIVER-2819
 	NOTE: https://github.com/mongodb/mongo-c-driver/commit/0d9a4d98bfdf4acd2c0138d4aaeb4e2e0934bd84
 CVE-2018-16789 [nfinite loop due to malformed request payload]



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/df570dc14deaca4419b0f91dd3561899e6ed9c0a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/df570dc14deaca4419b0f91dd3561899e6ed9c0a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181117/c24fe65a/attachment-0001.html>
