[Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-1000035/unzip
Salvatore Bonaccorso
carnil at debian.org
Sat Feb 9 20:12:37 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
265a0820 by Salvatore Bonaccorso at 2019-02-09T20:12:14Z
Add fixed version for CVE-2018-1000035/unzip
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -54210,7 +54210,7 @@ CVE-2018-1000036 (In MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF
NOTE: http://git.ghostscript.com/?p=mupdf.git;h=985fdcfc117a3bd4bc097cdcae8347b3787fbab2
NOTE: negligible security impact, memory leak in CLI tool
CVE-2018-1000035 (A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 ...)
- - unzip <unfixed> (bug #889838)
+ - unzip 6.0-22 (bug #889838)
[stretch] - unzip <no-dsa> (Harmless crash, builds with fortified source)
[jessie] - unzip <no-dsa> (Harmless crash, builds with fortified source)
[wheezy] - unzip <no-dsa> (Harmless crash, builds with fortified source)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/265a08200f2211c6b90c39de631b8bcae2c85e44
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/265a08200f2211c6b90c39de631b8bcae2c85e44
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190209/a6f27717/attachment.html>
More information about the debian-security-tracker-commits
mailing list