[Git][security-tracker-team/security-tracker][master] 2 commits: Fix references to upstream issues for src:perl issues (CVE-2018-1831{1, 2, 3, 4}
Salvatore Bonaccorso
carnil at debian.org
Thu Nov 29 20:58:41 GMT 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ce8962d3 by Salvatore Bonaccorso at 2018-11-29T20:56:47Z
Fix references to upstream issues for src:perl issues (CVE-2018-1831{1,2,3,4}
- - - - -
d100ac11 by Salvatore Bonaccorso at 2018-11-29T20:57:22Z
Mark CVE-2018-18313/perl as not affected for jessie
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6333,23 +6333,24 @@ CVE-2018-18314 [Heap-based buffer overflow]
RESERVED
- perl 5.28.0-3
[jessie] - perl <not-affected> (Vulnerable code introduced later)
- NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=131649
+ NOTE: https://rt.perl.org/Ticket/Display.html?id=131649
NOTE: maint-5.28: https://perl5.git.perl.org/perl.git/commitdiff/19a498a461d7c81ae3507c450953d1148efecf4f
CVE-2018-18313 [Heap-buffer-overflow read in regcomp.c]
RESERVED
- perl 5.28.0-3
- NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=133192
+ [jessie] - perl <not-affected> (Vulnerable code introduced later)
+ NOTE: https://rt.perl.org/Ticket/Display.html?id=133192
NOTE: maint-5.28: https://perl5.git.perl.org/perl.git/commitdiff/43b2f4ef399e2fd7240b4eeb0658686ad95f8e62
CVE-2018-18312 [Heap-buffer-overflow write in S_regatom (regcomp.c)]
RESERVED
- perl 5.28.1-1
[jessie] - perl <not-affected> (Vulnerable code introduced later)
- NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=133423
+ NOTE: https://rt.perl.org/Ticket/Display.html?id=133423
NOTE: maint-5.28: https://perl5.git.perl.org/perl.git/commitdiff/9b0464aa670d0a59bda5b75d54f2a6b6f9d1288a
CVE-2018-18311 [Integer overflow leading to buffer overflow and segmentation fault]
RESERVED
- perl 5.28.1-1
- NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=133204
+ NOTE: https://rt.perl.org/Ticket/Display.html?id=133204
NOTE: Introduced by: https://perl5.git.perl.org/perl.git/commitdiff/e658793210bbe632a5e80a876acfcd0984c46b87
NOTE: maint-5.28: https://perl5.git.perl.org/perl.git/commitdiff/0589f071dc6836de80b24fd798c3336c72ead850
CVE-2018-18310 (An invalid memory address dereference was discovered in ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/6b0f1bfc0763991f6d82375f22ef5681cb9cbc77...d100ac115ff5ddf0c46ec2a882093a7db8f92868
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/6b0f1bfc0763991f6d82375f22ef5681cb9cbc77...d100ac115ff5ddf0c46ec2a882093a7db8f92868
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181129/c7427e4f/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list