[Git][security-tracker-team/security-tracker][master] CVE-2018-16382/nasm fixed in unstable via 2.14-1 upload
Salvatore Bonaccorso
carnil at debian.org
Sun Nov 18 17:01:36 GMT 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6775b088 by Salvatore Bonaccorso at 2018-11-18T17:00:25Z
CVE-2018-16382/nasm fixed in unstable via 2.14-1 upload
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7625,8 +7625,10 @@ CVE-2018-16384 (A SQL injection bypass (aka PL1 bypass) exists in OWASP ModSecur
CVE-2018-16383
RESERVED
CVE-2018-16382 (Netwide Assembler (NASM) 2.14rc15 has a buffer over-read in ...)
- - nasm <unfixed> (unimportant; bug #907866)
+ - nasm 2.14-1 (unimportant; bug #907866)
NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392503
+ NOTE: Duplicate of/relate to https://bugzilla.nasm.us/show_bug.cgi?id=3392447
+ NOTE: https://github.com/netwide-assembler/nasm/commit/3c755dac88039b718d52ef56e8f74b5f65f3b55b
NOTE: Crash in CLI tool, no security impact
CVE-2018-16381 (e107 2.1.8 has XSS via the e107_admin/users.php?mode=main&action=list ...)
NOT-FOR-US: e107
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6775b088212c90e172387821c15381e58fdfabc0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6775b088212c90e172387821c15381e58fdfabc0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181118/edf3ff2a/attachment.html>
More information about the debian-security-tracker-commits
mailing list