[Git][security-tracker-team/security-tracker][master] nss postponed

Moritz Muehlenhoff jmm at debian.org
Tue Sep 11 20:46:52 BST 2018


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9d9b624c by Moritz Muehlenhoff at 2018-09-11T19:45:14Z
nss postponed
NFU

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -129,7 +129,7 @@ CVE-2018-16783
 CVE-2018-16782 (libimageworsener.a in ImageWorsener 1.3.2 has a buffer overflow in the ...)
 	NOT-FOR-US: ImageWorsener
 CVE-2018-16781 (ffjpeg.dll in ffjpeg before 2018-08-22 allows remote attackers to cause ...)
-	TODO: check
+	NOT-FOR-US: Some Windows picture viewer using ffmpeg incorrectly
 CVE-2018-16780 (Complete Responsive CMS Blog through 2018-05-20 has XSS via a comment. ...)
 	NOT-FOR-US: Complete Responsive CMS Blog
 CVE-2018-16779 (BlogCMS through 2016-10-25 has XSS via a comment. ...)
@@ -10987,6 +10987,7 @@ CVE-2018-12385
 CVE-2018-12384 [ServerHello.random is all zero when handling a v2-compatible ClientHello]
 	RESERVED
 	- nss 2:3.39-1 (low; bug #908332)
+	[stretch] - nss <postponed> (Minor issue, can be fixed along in future DSA)
 	NOTE: https://hg.mozilla.org/projects/nss/rev/2ed9f6afd84e (NSS_3_39_BRANCH)
 	NOTE: https://hg.mozilla.org/projects/nss/rev/46f9a1f40c3d (NSS_3_36_BRANCH)
 	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1483128



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9d9b624c5895d9209dddd3af451840ed87ac4ccd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/9d9b624c5895d9209dddd3af451840ed87ac4ccd
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180911/903585b8/attachment.html>


More information about the debian-security-tracker-commits mailing list