[Git][security-tracker-team/security-tracker][master] Three ghostscript CVEs adressed in unstable

Salvatore Bonaccorso carnil at debian.org
Fri Oct 19 04:05:20 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
abdeb5bb by Salvatore Bonaccorso at 2018-10-19T03:04:51Z
Three ghostscript CVEs adressed in unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -451,7 +451,7 @@ CVE-2018-18285
 	RESERVED
 CVE-2018-18284 [1Policy operator gives access to .forceput]
 	RESERVED
-	- ghostscript <unfixed> (bug #911175)
+	- ghostscript 9.25~dfsg-3 (bug #911175)
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699963
 	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1696
 	NOTE: https://www.openwall.com/lists/oss-security/2018/10/16/2
@@ -1073,7 +1073,7 @@ CVE-2018-18074 (The Requests package through 2.19.1 before 2018-09-14 for Python
 	NOTE: https://github.com/requests/requests/pull/4718
 	NOTE: https://github.com/requests/requests/commit/c45d7c49ea75133e52ab22a8e9e13173938e36ff
 CVE-2018-18073 (Artifex Ghostscript allows attackers to bypass a sandbox protection ...)
-	- ghostscript <unfixed> (bug #910758)
+	- ghostscript 9.25~dfsg-3 (bug #910758)
 	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1690
 	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699927
 	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=34cc326eb2c5695833361887fe0b32e8d987741c
@@ -1383,7 +1383,7 @@ CVE-2018-17962 (Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c be
 	- qemu-kvm <removed>
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03268.html
 CVE-2018-17961 (Artifex Ghostscript 9.25 and earlier allows attackers to bypass a ...)
-	- ghostscript <unfixed> (bug #910678)
+	- ghostscript 9.25~dfsg-3 (bug #910678)
 	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1682
 	NOTE: https://www.openwall.com/lists/oss-security/2018/10/09/4
 	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a54c9e61e7d02bbc620bcba9b1c208462a876afb



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/abdeb5bb7fc472e46384f61cf65f21bd6e7a96d5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/abdeb5bb7fc472e46384f61cf65f21bd6e7a96d5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181019/ccba0a7e/attachment.html>

More information about the debian-security-tracker-commits mailing list