[Git][security-tracker-team/security-tracker][master] Update information on CVE-2018-12478
Salvatore Bonaccorso
carnil at debian.org
Fri Oct 26 09:48:23 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
92554219 by Salvatore Bonaccorso at 2018-10-26T08:47:24Z
Update information on CVE-2018-12478
The issue affects the replace_using_package_version addiononal
obs-service which is not part of open-build-service itself and not
packaged in Debian.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15235,7 +15235,7 @@ CVE-2018-12479 (A Improper Input Validation vulnerability in Open Build Service
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1108435
NOTE: https://github.com/openSUSE/open-build-service/commit/01b015ca2a320afc4fae823465d1e72da8bd60df
CVE-2018-12478 (A Improper Input Validation vulnerability in Open Build Service allows ...)
- - open-build-service <unfixed> (bug #911797)
+ NOT-FOR-US: obs-service replace_using_package_version
NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1108280
CVE-2018-12477 (A Improper Neutralization of CRLF Sequences vulnerability in Open ...)
NOT-FOR-US: obs-service refresh_patches
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/92554219668b01f920b7d4ae24c0e7daf8d59a98
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/92554219668b01f920b7d4ae24c0e7daf8d59a98
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181026/aeb0f82e/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list