[Git][security-tracker-team/security-tracker][master] ncurses/CVE-2018-19217: semi-duplicate bug report has working POC
Sylvain Beucler
beuc at debian.org
Wed Apr 10 14:32:31 BST 2019
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
62946a39 by Sylvain Beucler at 2019-04-10T13:31:59Z
ncurses/CVE-2018-19217: semi-duplicate bug report has working POC
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -29813,7 +29813,8 @@ CVE-2018-19218 (In LibSass 3.5-stable, there is an illegal address access at Sas
CVE-2018-19217 (In ncurses 6.1, there is a NULL pointer dereference at the function _n ...)
- ncurses <undetermined>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1643753
- NOTE: On Jessie the POC does not trigger a segfault.
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1643754
+ NOTE: On Jessie poc0 does not trigger a segfault, poc1 does (with both 5.9 and recompiled 6.1)
CVE-2018-19216 (Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoke ...)
- nasm 2.13.02-0.1
[stretch] - nasm <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/62946a392ad6aa2a26eaca0eb84a372d5412a6ba
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/62946a392ad6aa2a26eaca0eb84a372d5412a6ba
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190410/a4d4c960/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list