[Git][security-tracker-team/security-tracker][master] Add new libredwg issues

Salvatore Bonaccorso carnil at debian.org
Fri Dec 27 08:39:52 GMT 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ef3ee518 by Salvatore Bonaccorso at 2019-12-27T08:39:23Z
Add new libredwg issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -63,19 +63,19 @@ CVE-2019-20017 (A stack-based buffer over-read was discovered in Mat_VarReadNext
 CVE-2019-20016 (libmysofa 0.9 does not properly restrict recursive function calls, as  ...)
 	TODO: check
 CVE-2019-20015 (An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead  ...)
-	TODO: check
+	- libredwg <itp> (bug #595191)
 CVE-2019-20014 (An issue was discovered in GNU LibreDWG before 0.93. There is a double ...)
-	TODO: check
+	- libredwg <itp> (bug #595191)
 CVE-2019-20013 (An issue was discovered in GNU LibreDWG before 0.93. Crafted input wil ...)
-	TODO: check
+	- libredwg <itp> (bug #595191)
 CVE-2019-20012 (An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead  ...)
-	TODO: check
+	- libredwg <itp> (bug #595191)
 CVE-2019-20011 (An issue was discovered in GNU LibreDWG 0.92. There is a heap-based bu ...)
-	TODO: check
+	- libredwg <itp> (bug #595191)
 CVE-2019-20010 (An issue was discovered in GNU LibreDWG 0.92. There is a use-after-fre ...)
-	TODO: check
+	- libredwg <itp> (bug #595191)
 CVE-2019-20009 (An issue was discovered in GNU LibreDWG before 0.93. Crafted input wil ...)
-	TODO: check
+	- libredwg <itp> (bug #595191)
 CVE-2019-20008 (In Archery before 1.3, inserting an XSS payload into a project name (e ...)
 	TODO: check
 CVE-2019-20007 (An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezx ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ef3ee518829c160cb60ecefc108091fb60880e4c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ef3ee518829c160cb60ecefc108091fb60880e4c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191227/370ef524/attachment.html>

More information about the debian-security-tracker-commits mailing list