[Git][security-tracker-team/security-tracker][master] openexr no-dsa
Moritz Muehlenhoff
jmm at debian.org
Wed Oct 24 22:24:23 BST 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3c030c22 by Moritz Muehlenhoff at 2018-10-24T21:23:39Z
openexr no-dsa
thunar non-issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -459,8 +459,8 @@ CVE-2018-18444 (makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of
NOTE: Issue in exrmultiview which is not installed in the binary package.
CVE-2018-18443 (OpenEXR 2.3.0 has a memory leak in ThreadPool in ...)
- openexr <unfixed>
+ [stretch] - openexr <no-dsa> (Minor issue)
NOTE: https://github.com/openexr/openexr/issues/350
- TODO: check, the issue seems not located in the (not-installed) exrmultiview tool, but in library, but no upstream response yet
CVE-2018-18442
RESERVED
CVE-2018-18441
@@ -570,9 +570,9 @@ CVE-2018-18400
CVE-2018-18399
RESERVED
CVE-2018-18398 (Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey ...)
- - thunar <undetermined>
+ - thunar <unfixed> (unimportant)
NOTE: https://0xd0ff9.wordpress.com/2018/10/18/cve-2018-18398/
- TODO: check, unclear/information lacking report, unclear if later thunar versions affected, unclear upstream reporting status
+ NOTE: no security impact, crash in end user tool
CVE-2018-18397
RESERVED
CVE-2018-18396 (Remote Code Execution in Moxa ThingsPro IIoT Gateway and Device ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3c030c22f45ead66fe1e4ccac5d85982cbecf478
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3c030c22f45ead66fe1e4ccac5d85982cbecf478
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181024/a8eba0fc/attachment.html>
More information about the debian-security-tracker-commits
mailing list