[Git][security-tracker-team/security-tracker][master] 3 commits: Mark CVE-2018-17019 as no-dsa for stretch

Salvatore Bonaccorso carnil at debian.org
Thu Sep 13 21:44:15 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3f7d06a6 by Salvatore Bonaccorso at 2018-09-13T20:39:50Z
Mark CVE-2018-17019 as no-dsa for stretch

- - - - -
c19cabb8 by Salvatore Bonaccorso at 2018-09-13T20:43:31Z
Add bug reference for CVE-2018-17019/bro

- - - - -
446c6a5c by Salvatore Bonaccorso at 2018-09-13T20:43:32Z
Add bug reference for CVE-2018-17000/tiff

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,7 +7,8 @@ CVE-2018-17021 (Cross-site scripting (XSS) vulnerability on ASUS GT-AC5300 devic
 CVE-2018-17020 (ASUS GT-AC5300 devices with firmware through 3.0.0.4.384_32738 allow ...)
 	NOT-FOR-US: ASUS GT-AC5300 devices
 CVE-2018-17019 (In Bro through 2.5.5, there is a DoS in IRC protocol names command ...)
-	- bro <unfixed>
+	- bro <unfixed> (bug #908779)
+	[stretch] - bro <no-dsa> (Minor issue)
 	NOTE: https://github.com/bro/bro/commit/c2b18849f8bb833253538f5dfedb4ed1dc176a30
 CVE-2018-17018 (An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N ...)
 	NOT-FOR-US: TP-Link
@@ -46,7 +47,7 @@ CVE-2018-17002
 CVE-2018-17001
 	RESERVED
 CVE-2018-17000 (A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c ...)
-	- tiff <unfixed>
+	- tiff <unfixed> (bug #908778)
 	- tiff3 <removed>
 	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2811
 CVE-2018-16999 (Netwide Assembler (NASM) 2.14rc15 has an invalid memory write ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/2880763a5f7856c87104cde057bf1be514b22e75...446c6a5c0136a5a3562c7ed2df6437adb4a4011e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/2880763a5f7856c87104cde057bf1be514b22e75...446c6a5c0136a5a3562c7ed2df6437adb4a4011e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180913/7202640f/attachment.html>

More information about the debian-security-tracker-commits mailing list