[Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000810/rustc
Salvatore Bonaccorso
carnil at debian.org
Tue Oct 9 08:27:19 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a5ce79b4 by Salvatore Bonaccorso at 2018-10-09T07:26:27Z
Add CVE-2018-1000810/rustc
According to the advisory this was fixed in 1.29.1. Not checked is if
the version in experimental, did contain the fix as well already.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -27,7 +27,10 @@ CVE-2018-18057
CVE-2018-18056
RESERVED
CVE-2018-1000810 (The Rust Programming Language Standard Library version 1.29.0, 1.28.0, ...)
- TODO: check
+ - rustc <unfixed>
+ NOTE: https://blog.rust-lang.org/2018/09/21/Security-advisory-for-std.html
+ NOTE: https://groups.google.com/forum/#!topic/rustlang-security-announcements/CmSuTm-SaU0
+ NOTE: Fixed upstream in 1.29.1
CVE-2018-1000809 (privacyIDEA version 2.23.1 and earlier contains a Improper Input ...)
TODO: check
CVE-2018-1000808 (Python Cryptographic Authority pyopenssl version Before 17.5.0 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a5ce79b4bb9cff4e7c3363bc1827f802890f7990
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a5ce79b4bb9cff4e7c3363bc1827f802890f7990
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181009/d1e8b0a4/attachment.html>
More information about the debian-security-tracker-commits
mailing list