[Git][security-tracker-team/security-tracker][master] new nsis issues

Moritz Muehlenhoff jmm at debian.org
Sat Oct 6 18:45:52 BST 2018 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0724e67e by Moritz Muehlenhoff at 2018-10-06T17:45:23Z
new nsis issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -84,7 +84,7 @@ CVE-2015-9272 (The videowhisper-video-presentation plugin 3.31.17 for WordPress
 CVE-2014-10076 (The wp-db-backup plugin 2.2.4 for WordPress relies on a five-character ...)
 	NOT-FOR-US: wp-db-backup plugin WordPress
 CVE-2014-10075 (The karo gem 2.3.8 for Ruby allows Remote command injection via the ...)
-	TODO: check
+	NOT-FOR-US: karo gem
 CVE-2013-7465 (Ice Cold Apps Servers Ultimate 6.0.2(12) does not require ...)
 	NOT-FOR-US: Ice Cold Apps Servers Ultimate
 CVE-2018-17983 (cext/manifest.c in Mercurial before 4.7.2 has an out-of-bounds read ...)
@@ -495,9 +495,9 @@ CVE-2018-17794 (An issue was discovered in cplus-dem.c in GNU libiberty, as dist
 	[jessie] - binutils <ignored> (Minor issue)
 	NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87350
 CVE-2015-9268 (Nullsoft Scriptable Install System (NSIS) before 2.49 has unsafe ...)
-	TODO: check
+	- nsis 2.50-1
 CVE-2015-9267 (Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary ...)
-	TODO: check
+	- nsis 2.50-1
 CVE-2018-17793 (Virtualenv 16.0.0 allows a sandbox escape via "python $(bash >&2)" and ...)
 	- python-virtualenv <unfixed> (unimportant)
 	NOTE: https://github.com/pypa/virtualenv/issues/1207



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0724e67e3437126c7d2dcff9525e73a23952e32f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0724e67e3437126c7d2dcff9525e73a23952e32f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181006/41e5e727/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list