[Git][security-tracker-team/security-tracker][master] ledger fixed

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8b1c1c13 by Moritz Muehlenhoff at 2019-02-06T11:56:56Z
ledger fixed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -87387,7 +87387,7 @@ CVE-2017-12484
 CVE-2017-12483
 	RESERVED
 CVE-2017-12482 (The ledger::parse_date_mask_routine function in times.cc in Ledger ...)
-	- ledger <unfixed> (low; bug #870900)
+	- ledger 3.1.2+dfsg1-1 (low; bug #870900)
 	[stretch] - ledger <no-dsa> (Minor issue)
 	[jessie] - ledger <no-dsa> (Minor issue)
 	[wheezy] - ledger <no-dsa> (Minor issue)
@@ -87395,7 +87395,7 @@ CVE-2017-12482 (The ledger::parse_date_mask_routine function in times.cc in Ledg
 	NOTE: https://github.com/ledger/ledger/issues/1224
 	NOTE: https://github.com/ledger/ledger/commit/7c0ae5b02571e21f97d45f5d091cb78af9885713
 CVE-2017-12481 (The find_option function in option.cc in Ledger 3.1.1 allows remote ...)
-	- ledger <unfixed> (low; bug #870900)
+	- ledger 3.1.2+dfsg1-1 (low; bug #870900)
 	[stretch] - ledger <no-dsa> (Minor issue)
 	[jessie] - ledger <no-dsa> (Minor issue)
 	[wheezy] - ledger <no-dsa> (Minor issue)
@@ -117339,7 +117339,7 @@ CVE-2017-2810 (An exploitable vulnerability exists in the Databook loading ...)
 CVE-2017-2809 (An exploitable vulnerability exists in the yaml loading functionality ...)
 	NOT-FOR-US: Ansible Vault
 CVE-2017-2808 (An exploitable use-after-free vulnerability exists in the account ...)
-	- ledger <unfixed> (low; bug #876659)
+	- ledger 3.1.2+dfsg1-1 (low; bug #876659)
 	[stretch] - ledger <no-dsa> (Minor issue)
 	[jessie] - ledger <no-dsa> (Minor issue)
 	[wheezy] - ledger <no-dsa> (Minor issue)
@@ -117347,7 +117347,7 @@ CVE-2017-2808 (An exploitable use-after-free vulnerability exists in the account
 	NOTE: https://github.com/ledger/ledger/issues/1723
 	NOTE: https://github.com/ledger/ledger/commit/f3bad93db256db07b6cb831d4d24f47543f57e4a
 CVE-2017-2807 (An exploitable buffer overflow vulnerability exists in the tag parsing ...)
-	- ledger <unfixed> (low; bug #876660)
+	- ledger 3.1.2+dfsg1-1 (low; bug #876660)
 	[stretch] - ledger <no-dsa> (Minor issue)
 	[jessie] - ledger <no-dsa> (Minor issue)
 	[wheezy] - ledger <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8b1c1c13befc82e6f998114e71a692d7ea7ad6b9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8b1c1c13befc82e6f998114e71a692d7ea7ad6b9
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190206/a653b99b/attachment.html>