[Git][security-tracker-team/security-tracker][master] Track cimg fixes in unstable

Salvatore Bonaccorso carnil at debian.org
Tue Sep 18 21:17:19 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f1c62133 by Salvatore Bonaccorso at 2018-09-18T20:16:48Z
Track cimg fixes in unstable

One needs to be checked if fixed.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -24223,35 +24223,35 @@ CVE-2018-7642 (The swap_std_reloc_in function in aoutx.h in the Binary File Desc
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22887
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=116acb2c268c89c89186673a7c92620d21825b25
 CVE-2018-7641 (An issue was discovered in CImg v.220. A heap-based buffer over-read in ...)
-	- cimg <unfixed> (low; bug #892780)
+	- cimg 2.3.6+dfsg-1 (low; bug #892780)
 	[stretch] - cimg <no-dsa> (Minor issue)
 	[jessie] - cimg <no-dsa> (Minor issue)
 	[wheezy] - cimg <no-dsa> (Minor issue)
 	NOTE: https://github.com/dtschump/CImg/issues/185
 	NOTE: https://github.com/dtschump/CImg/commit/10af1e8c1ad2a58a0a3342a856bae63e8f257abb
 CVE-2018-7640 (An issue was discovered in CImg v.220. A heap-based buffer over-read in ...)
-	- cimg <unfixed> (low; bug #892780)
+	- cimg 2.3.6+dfsg-1 (low; bug #892780)
 	[stretch] - cimg <no-dsa> (Minor issue)
 	[jessie] - cimg <no-dsa> (Minor issue)
 	[wheezy] - cimg <no-dsa> (Minor issue)
 	NOTE: https://github.com/dtschump/CImg/issues/185
 	NOTE: https://github.com/dtschump/CImg/commit/10af1e8c1ad2a58a0a3342a856bae63e8f257abb
 CVE-2018-7639 (An issue was discovered in CImg v.220. A heap-based buffer over-read in ...)
-	- cimg <unfixed> (low; bug #892780)
+	- cimg 2.3.6+dfsg-1 (low; bug #892780)
 	[stretch] - cimg <no-dsa> (Minor issue)
 	[jessie] - cimg <no-dsa> (Minor issue)
 	[wheezy] - cimg <no-dsa> (Minor issue)
 	NOTE: https://github.com/dtschump/CImg/issues/185
 	NOTE: https://github.com/dtschump/CImg/commit/10af1e8c1ad2a58a0a3342a856bae63e8f257abb
 CVE-2018-7638 (An issue was discovered in CImg v.220. A heap-based buffer over-read in ...)
-	- cimg <unfixed> (low; bug #892780)
+	- cimg 2.3.6+dfsg-1 (low; bug #892780)
 	[stretch] - cimg <no-dsa> (Minor issue)
 	[jessie] - cimg <no-dsa> (Minor issue)
 	[wheezy] - cimg <no-dsa> (Minor issue)
 	NOTE: https://github.com/dtschump/CImg/issues/185
 	NOTE: https://github.com/dtschump/CImg/commit/10af1e8c1ad2a58a0a3342a856bae63e8f257abb
 CVE-2018-7637 (An issue was discovered in CImg v.220. A heap-based buffer over-read in ...)
-	- cimg <unfixed> (low; bug #892780)
+	- cimg 2.3.6+dfsg-1 (low; bug #892780)
 	[stretch] - cimg <no-dsa> (Minor issue)
 	[jessie] - cimg <no-dsa> (Minor issue)
 	[wheezy] - cimg <no-dsa> (Minor issue)
@@ -24354,14 +24354,14 @@ CVE-2018-7591
 CVE-2018-7590 (CSRF exists in Hoosk 1.7.0 via /admin/users/new/add, resulting in ...)
 	NOT-FOR-US: Hoosk
 CVE-2018-7589 (An issue was discovered in CImg v.220. A double free in load_bmp in ...)
-	- cimg <unfixed> (low; bug #892780)
+	- cimg 2.3.6+dfsg-1 (low; bug #892780)
 	[stretch] - cimg <no-dsa> (Minor issue)
 	[jessie] - cimg <no-dsa> (Minor issue)
 	[wheezy] - cimg <no-dsa> (Minor issue)
 	NOTE: https://github.com/dtschump/CImg/issues/184
 	NOTE: https://github.com/dtschump/CImg/commit/8447076ef22322a14a0ce130837e44c5ba8095f4
 CVE-2018-7588 (An issue was discovered in CImg v.220. A heap-based buffer over-read in ...)
-	- cimg <unfixed> (low; bug #892780)
+	- cimg 2.3.6+dfsg-1 (low; bug #892780)
 	[stretch] - cimg <no-dsa> (Minor issue)
 	[jessie] - cimg <no-dsa> (Minor issue)
 	[wheezy] - cimg <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f1c62133f567f9bf10f30092a1095d4a79cd1050

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f1c62133f567f9bf10f30092a1095d4a79cd1050
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180918/fb8fe9ae/attachment.html>

More information about the debian-security-tracker-commits mailing list