[Git][security-tracker-team/security-tracker][master] Add CVE-2018-16542
Salvatore Bonaccorso
carnil at debian.org
Wed Sep 5 20:05:23 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7f5ed517 by Salvatore Bonaccorso at 2018-09-05T19:02:36Z
Add CVE-2018-16542
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1480,6 +1480,10 @@ CVE-2018-15878
RESERVED
CVE-2017-18345 (The Joomanager component through 2.0.0 for Joomla! has an arbitrary ...)
NOT-FOR-US: Joomla addon
+CVE-2018-16542
+ - ghostscript 9.22~dfsg-3 (bug #907332)
+ NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=b575e1ec42cc86f6a58c603f2a88fcc2af699cc8
+ NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=699668
CVE-2018-16541
- ghostscript 9.22~dfsg-3 (bug #907332)
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=241d91112771a6104de10b3948c3f350d6690c1d
@@ -1508,11 +1512,6 @@ CVE-2018-16509 (An issue was discovered in Artifex Ghostscript before 9.24. Inco
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=78911a01b67d590b4a91afac2e8417360b934156
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=79cccf641486a6595c43f1de1cd7ade696020a31
NOTE: Partially fixed in 9.22~dfsg-3 but missing one commit as per #907703
-CVE-2018-XXXX [Multiple -dSAFER sandbox bypass vulnerabilities]
- - ghostscript 9.22~dfsg-3 (bug #907332)
- NOTE: https://www.kb.cert.org/vuls/id/332928
- NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=b575e1ec
- NOTE: https://marc.info/?l=oss-security&m=153544835030871&w=2
CVE-2018-XXXX [More required fixes not included in 9.22~dfsg-3]
- ghostscript <unfixed>
NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=971472c83a345a16dac9f90f91258bb22dd77f22
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7f5ed517d3649bbde94dd03d5afa2bf44764e777
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/7f5ed517d3649bbde94dd03d5afa2bf44764e777
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180905/25ee5ee1/attachment.html>
More information about the debian-security-tracker-commits
mailing list