[Git][security-tracker-team/security-tracker][master] 2 commits: fix for CVE-2018-12086 too intrusive
Thorsten Alteholz
alteholz at debian.org
Sat Oct 20 19:09:07 BST 2018
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a004756e by Thorsten Alteholz at 2018-10-20T18:03:09Z
fix for CVE-2018-12086 too intrusive
- - - - -
5583a622 by Thorsten Alteholz at 2018-10-20T18:04:01Z
no CVE left for wireshark
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -16060,6 +16060,7 @@ CVE-2018-12087 (Failure to validate certificates in OPC Foundation UA Client ...
CVE-2018-12086 (Buffer overflow in OPC UA applications allows remote attackers to ...)
- wireshark 2.6.4-1
[stretch] - wireshark <postponed> (Fix along in next DSA)
+ [jessie] - wireshark <ignored> (changes are too intrusive to backport)
NOTE: https://www.wireshark.org/security/wnpa-sec-2018-50.html
NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=28a7a79cac425d1b1ecf06e73add41edd2241e49
CVE-2018-12085 (Liblouis 3.6.0 has a stack-based Buffer Overflow in the function ...)
=====================================
data/dla-needed.txt
=====================================
@@ -89,5 +89,3 @@ symfony (Thorsten Alteholz)
--
thunderbird (Emilio Pozuelo)
--
-wireshark (Thorsten Alteholz)
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/4fc8f439df80d8b2f2ff2119505ad7c5104219d3...5583a6225b4ac9ec6dd70c9fddcad68f63af1806
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/4fc8f439df80d8b2f2ff2119505ad7c5104219d3...5583a6225b4ac9ec6dd70c9fddcad68f63af1806
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181020/1ed39f33/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list