[Git][security-tracker-team/security-tracker][master] Update information on CVE-2017-14992/docker.io

Salvatore Bonaccorso carnil at debian.org
Mon Sep 10 07:19:19 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8b4a5292 by Salvatore Bonaccorso at 2018-09-10T06:18:37Z
Update information on CVE-2017-14992/docker.io

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -52528,13 +52528,15 @@ CVE-2017-14994 (ReadDCMImage in coders/dcm.c in GraphicsMagick 1.3.26 allows rem
 CVE-2017-14993 (OXID eShop Community Edition before 6.0.0 RC3 (development), 4.10.x ...)
 	NOT-FOR-US: OXID eShop Community Edition
 CVE-2017-14992 (Lack of content verification in Docker-CE (Also known as Moby) ...)
-	- docker.io <unfixed> (bug #908055)
+	- docker.io 18.03.1+dfsg1-2 (bug #908055)
 	- golang-github-vbatts-tar-split 0.10.2-1 (bug #908056)
 	[stretch] - golang-github-vbatts-tar-split <no-dsa> (Minor issue)
 	NOTE: Issue needs to be fixed in src:golang-github-vbatts-tar-split first
 	NOTE: https://github.com/vbatts/tar-split/issues/41
 	NOTE: docker.io needs then a rebuild with a fixed golang-github-vbatts-tar-split
 	NOTE: version.
+	NOTE: 17.12.1+dfsg-1 was the first upload (to experimental) using the fixed version
+	NOTE: golang-github-vbatts-tar-split.
 CVE-2017-14991 (The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before ...)
 	- linux 4.13.4-1
 	[stretch] - linux <not-affected> (Vulnerable code introduced later)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8b4a5292a3d5e3238971d9b1a1c8c316e57081be

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8b4a5292a3d5e3238971d9b1a1c8c316e57081be
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180910/2b550b74/attachment.html>

More information about the debian-security-tracker-commits mailing list