[Git][security-tracker-team/security-tracker][master] Add CVE-2019-18388 and CVE-2019-18390 for virglrenderer
Salvatore Bonaccorso
carnil at debian.org
Mon Dec 23 21:35:56 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
eca49dcd by Salvatore Bonaccorso at 2019-12-23T21:35:17Z
Add CVE-2019-18388 and CVE-2019-18390 for virglrenderer
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10738,13 +10738,19 @@ CVE-2019-18391 (A heap-based buffer overflow in the vrend_renderer_transfer_writ
NOTE: https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/314
NOTE: https://gitlab.freedesktop.org/virgl/virglrenderer/commit/2abeb1802e3c005b17a7123e382171b3fb665971
CVE-2019-18390 (An out-of-bounds read in the vrend_blit_need_swizzle function in vrend ...)
- TODO: check
+ - virglrenderer 0.8.1-1
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1765584
+ NOTE: https://gitlab.freedesktop.org/virgl/virglrenderer/commit/24f67de7a9088a873844a39be03cee6882260ac9
+ NOTE: https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/314/diffs?commit_id=d2cdbcf6a8f2317f250fd54f08aa35dde2fa3e30#3cd772559e0d73afa136d6818023cfd0c4c8ecc0_0_151
CVE-2019-18389 (A heap-based buffer overflow in the vrend_renderer_transfer_write_iov ...)
- virglrenderer 0.8.1-1 (bug #946942)
NOTE: https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/314
NOTE: https://gitlab.freedesktop.org/virgl/virglrenderer/commit/cbc8d8b75be360236cada63784046688aeb6d921
CVE-2019-18388 (A NULL pointer dereference in vrend_renderer.c in virglrenderer throug ...)
- TODO: check
+ - virglrenderer 0.8.1-1
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1765578
+ NOTE: https://gitlab.freedesktop.org/virgl/virglrenderer/commit/0d9a2c88dc3a70023541b3260b9f00c982abda16
+ NOTE: https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/314/diffs?commit_id=d2cdbcf6a8f2317f250fd54f08aa35dde2fa3e30#diff-content-3cd772559e0d73afa136d6818023cfd0c4c8ecc0
CVE-2019-18387 (Sourcecodester Hotel and Lodge Management System 1.0 is vulnerable to ...)
NOT-FOR-US: Sourcecodester Hotel and Lodge Management System
CVE-2019-18386
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/eca49dcdde2c108b65a05b30f8f3c1b0a64b1064
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/eca49dcdde2c108b65a05b30f8f3c1b0a64b1064
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191223/73107d1f/attachment.html>
More information about the debian-security-tracker-commits
mailing list