[Git][security-tracker-team/security-tracker][master] Triage result for undetermined.
Ola Lundqvist
opal at debian.org
Sun Nov 18 01:20:15 GMT 2018
Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4a8f3212 by Ola Lundqvist at 2018-11-18T01:18:46Z
Triage result for undetermined.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -556,7 +556,8 @@ CVE-2018-19217 (In ncurses 6.1, there is a NULL pointer dereference at the funct
- ncurses <undetermined>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1643753
CVE-2018-19216 (Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken ...)
- - nasm <undetermined>
+ - nasm <unfixed>
+ [jessie] - nasm <ignored> (Minor issue)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392425
NOTE: https://repo.or.cz/nasm.git/commit/4b5b737d4991578b1918303dc0fd9c9ab5c7ce4f
TODO: Something is not correct about this CVE, the upstream bug is 3392425, but commit references 3392525, and the former is really fixed in 2.13.02 but the latter is unfixed in 2.13.02 and even 2.13.03.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4a8f321243962c3bd4cc6d37174c4a19d3b6c8eb
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4a8f321243962c3bd4cc6d37174c4a19d3b6c8eb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181118/902861b1/attachment.html>
More information about the debian-security-tracker-commits
mailing list