[Git][security-tracker-team/security-tracker][master] Add CVE-2018-20657/binutils

Wed Jan 2 20:41:12 GMT 2019

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8f2bcbaa by Salvatore Bonaccorso at 2019-01-02T20:37:00Z
Add CVE-2018-20657/binutils

Marking the issue as ignored for stretch.

Marked the issue in accordance with CVE-2018-12698 (as the related
issue) as well already as ignored for jessie assuming the LTS team is
fine with that move (If not I can revert the change).

Add reference to upstream issue, which likely will only be adressed in
the bullseye release cycle anyway and then merged into binutils.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -166,7 +166,10 @@ CVE-2018-20659 (An issue was discovered in Bento4 1.5.1-627. The AP4_StcoAtom cl
 CVE-2018-20658 (The server in Core FTP 2.0 build 653 on 32-bit platforms allows remote ...)
 	TODO: check
 CVE-2018-20657 (The demangle_template function in cplus-dem.c in GNU libiberty, as ...)
-	TODO: check
+	- binutils <unfixed> (low)
+	[stretch] - binutils <ignored> (Minor issue)
+	[jessie] - binutils <ignored> (Minor issue)
+	NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88539
 CVE-2018-20656
 	RESERVED
 CVE-2018-20655



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8f2bcbaad4ae8f37f4f23341c9f8db745437198b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/8f2bcbaad4ae8f37f4f23341c9f8db745437198b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190102/d7c5c0e9/attachment.html>
