[Git][security-tracker-team/security-tracker][master] patch refs
Moritz Muehlenhoff
jmm at debian.org
Fri Feb 22 21:49:47 GMT 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
aacec4f3 by Moritz Muehlenhoff at 2019-02-22T21:49:24Z
patch refs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -12988,16 +12988,19 @@ CVE-2018-20534 (There is an illegal address access at src/pool.h (function ...)
[stretch] - libsolv <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652604
NOTE: https://github.com/openSUSE/libsolv/pull/291
+ NOTE: https://github.com/openSUSE/libsolv/commit/4830af9d979d3685de538b80fbeba51ad590525e
CVE-2018-20533 (There is a NULL pointer dereference at ext/testcase.c (function ...)
- libsolv <unfixed> (low)
[stretch] - libsolv <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652599
NOTE: https://github.com/openSUSE/libsolv/pull/291
+ NOTE: https://github.com/openSUSE/libsolv/commit/4830af9d979d3685de538b80fbeba51ad590525e
CVE-2018-20532 (There is a NULL pointer dereference at ext/testcase.c (function ...)
- libsolv <unfixed> (low)
[stretch] - libsolv <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652605
NOTE: https://github.com/openSUSE/libsolv/pull/291
+ NOTE: https://github.com/openSUSE/libsolv/commit/4830af9d979d3685de538b80fbeba51ad590525e
CVE-2018-20531
RESERVED
CVE-2018-20530 (PHP Scripts Mall Website Seller Script 2.0.5 has XSS via a Profile ...)
@@ -82549,7 +82552,7 @@ CVE-2017-15233
RESERVED
CVE-2017-15232 (libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and ...)
- libjpeg-turbo <unfixed> (low; bug #878567)
- [stretch] - libjpeg-turbo <no-dsa> (Minor issue)
+ [stretch] - libjpeg-turbo <ignored> (Minor issue)
[jessie] - libjpeg-turbo <no-dsa> (Minor issue)
- libjpeg6b <not-affected> (Vulnerable code not present)
- libjpeg8 <not-affected> (Vulnerable code not present)
@@ -82557,6 +82560,8 @@ CVE-2017-15232 (libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c
NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/pull/182
NOTE: https://github.com/mozilla/mozjpeg/issues/268
NOTE: IJG libjpeg releases not affected, see https://lists.debian.org/debian-lts/2017/10/msg00061.html
+ NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/073b0e88a192adebbb479ee2456beb089d8b5de7
+ NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/5bc43c7821df982f65aa1c738f67fbf7cba8bd69
CVE-2017-15231
RESERVED
CVE-2017-15230
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/aacec4f3789b767d39514c8e225a092f9c2ca81c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/aacec4f3789b767d39514c8e225a092f9c2ca81c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190222/5d0b12ef/attachment.html>
More information about the debian-security-tracker-commits
mailing list