[Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000805/paramiko
Salvatore Bonaccorso
carnil at debian.org
Wed Oct 10 07:30:35 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1e0b6c30 by Salvatore Bonaccorso at 2018-10-10T06:15:26Z
Add CVE-2018-1000805/paramiko
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -288,7 +288,9 @@ CVE-2018-1000807 (Python Cryptographic Authority pyopenssl version prior to vers
NOTE: https://github.com/pyca/pyopenssl/pull/723
NOTE: https://github.com/pyca/pyopenssl/commit/e73818600065821d588af475b024f4eb518c3509
CVE-2018-1000805 (Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 ...)
- TODO: check
+ - paramiko <unfixed>
+ NOTE: https://github.com/paramiko/paramiko/issues/1283
+ NOTE: https://github.com/paramiko/paramiko/commit/56c96a659658acdbb873aef8809a7b508434dcce
CVE-2018-1000804 (contiki-ng version 4 contains a Buffer Overflow vulnerability in AQL ...)
NOT-FOR-US: contiki-ng
CVE-2018-1000803 (Gitea version prior to version 1.5.1 contains a CWE-200 vulnerability ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1e0b6c30cfea4373ed14fe2359c5006a11be0c12
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1e0b6c30cfea4373ed14fe2359c5006a11be0c12
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181010/d1931005/attachment.html>
More information about the debian-security-tracker-commits
mailing list