[Git][security-tracker-team/security-tracker][master] file two docker bugs

Antoine Beaupré anarcat at debian.org
Wed Sep 5 15:44:31 BST 2018 

Antoine Beaupré pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5d932d56 by Antoine Beaupré at 2018-09-05T14:44:09Z
file two docker bugs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -14099,7 +14099,7 @@ CVE-2018-10893 [Insufficient encoding checks for LZ can cause different integer/
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1598234
 	NOTE: Ongoing patch review: https://lists.freedesktop.org/archives/spice-devel/2018-July/044489.html
 CVE-2018-10892 (The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby ...)
-	- docker.io <unfixed>
+	- docker.io <unfixed> (bug #908057)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1598581
 CVE-2018-10891 (A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7, ...)
 	- moodle <removed>
@@ -51756,8 +51756,8 @@ CVE-2017-14994 (ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows rem
 CVE-2017-14993 (OXID eShop Community Edition before 6.0.0 RC3 (development), 4.10.x ...)
 	NOT-FOR-US: OXID eShop Community Edition
 CVE-2017-14992 (Lack of content verification in Docker-CE (Also known as Moby) ...)
-	- docker.io <unfixed>
-	- golang-github-vbatts-tar-split 0.10.2-1
+	- docker.io <unfixed> (bug #908055)
+	- golang-github-vbatts-tar-split 0.10.2-1 (bug #908056)
 	[stretch] - golang-github-vbatts-tar-split <no-dsa> (Minor issue)
 	NOTE: Issue needs to be fixed in src:golang-github-vbatts-tar-split first
 	NOTE: https://github.com/vbatts/tar-split/issues/41



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5d932d560b3fe200854a49c0efe415d81bf2d973

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5d932d560b3fe200854a49c0efe415d81bf2d973
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180905/f8eb406c/attachment.html>

More information about the debian-security-tracker-commits mailing list