[Git][security-tracker-team/security-tracker][master] Add more references for CVE-2018-1686{4,5,6}/systemd
Salvatore Bonaccorso
carnil at debian.org
Thu Jan 10 16:36:19 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a40df52a by Salvatore Bonaccorso at 2019-01-10T16:35:48Z
Add more references for CVE-2018-1686{4,5,6}/systemd
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21743,20 +21743,26 @@ CVE-2018-16866 [information leak, out-of-bounds read]
NOTE: Fixed by: https://github.com/systemd/systemd/commit/a6aadf4ae0bae185dc4c414d492a4a781c80ffe5 (v240) [1/2]
NOTE: Fixed by: https://github.com/systemd/systemd/commit/8595102d3ddde6d25c282f965573a6de34ab4421 (v240) [2/2]
NOTE: https://www.openwall.com/lists/oss-security/2019/01/09/3
+ NOTE: https://www.qualys.com/2019/01/09/system-down/system-down.txt
CVE-2018-16865 [memory corruption]
RESERVED
- systemd <unfixed> (bug #918848)
NOTE: Intorduced in: https://github.com/systemd/systemd/commit/cf244689e9d1ab50082c9ddd0f3c4d1eb982badc (v38)
NOTE: Exploitable since: https://github.com/systemd/systemd/commit/c4aa09b06f835c91cea9e021df4c3605cff2318d (v201)
+ NOTE: Fixed by: https://github.com/systemd/systemd/commit/052c57f132f04a3cf4148f87561618da1a6908b4
+ NOTE: Fixed by: https://github.com/systemd/systemd/commit/ef4d6abe7c7fab6cbff975b32e76b09feee56074
NOTE: Fixes for master: https://github.com/systemd/systemd/pull/11374
NOTE: https://www.openwall.com/lists/oss-security/2019/01/09/3
+ NOTE: https://www.qualys.com/2019/01/09/system-down/system-down.txt
CVE-2018-16864 [memory corruption]
RESERVED
- systemd <unfixed> (bug #918841)
NOTE: Introduced in: https://github.com/systemd/systemd/commit/ae018d9bc900d6355dea4af05119b49c67945184 (v203)
NOTE: Exploitable since: https://github.com/systemd/systemd/commit/ac2e41f5103ce2c679089c4f8fb6be61d7caec07 (v230)
+ NOTE: Fixed by: https://github.com/systemd/systemd/commit/084eeb865ca63887098e0945fb4e93c852b91b0f
NOTE: Fixes for master: https://github.com/systemd/systemd/pull/11374
NOTE: https://www.openwall.com/lists/oss-security/2019/01/09/3
+ NOTE: https://www.qualys.com/2019/01/09/system-down/system-down.txt
CVE-2018-16863 (It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An ...)
- ghostscript <not-affected> (Red Hat-specific issue)
NOTE: Debian updates backported all fixes to released suites
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a40df52a2bec30059ed9caec706d05ef5db995d4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a40df52a2bec30059ed9caec706d05ef5db995d4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190110/f0a69f0a/attachment.html>
More information about the debian-security-tracker-commits
mailing list