[Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000888/php-pear
Salvatore Bonaccorso
carnil at debian.org
Sat Jan 12 20:53:20 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
99bdeecb by Salvatore Bonaccorso at 2019-01-12T20:52:41Z
Add CVE-2018-1000888/php-pear
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6365,7 +6365,9 @@ CVE-2018-1000890 (FrontAccounting 2.4.5 contains a Time Based Blind SQL Injectio
CVE-2018-1000889 (Logisim Evolution version 2.14.3 and earlier contains an XML External ...)
NOT-FOR-US: Logisim Evolution
CVE-2018-1000888 (PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 ...)
- TODO: check
+ - php-pear <unfixed>
+ NOTE: https://pear.php.net/bugs/bug.php?id=23782
+ NOTE: https://github.com/pear/Archive_Tar/commit/59ace120ac5ceb5f0d36e40e48e1884de1badf76
CVE-2018-1000887 (Peel shopping peel-shopping_9_1_0 version contains a Cross Site ...)
NOT-FOR-US: Peel shopping
CVE-2018-20511 (An issue was discovered in the Linux kernel before 4.18.11. The ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/99bdeecbb49f756d810c241b6bc7fd33b8cdc225
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/99bdeecbb49f756d810c241b6bc7fd33b8cdc225
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190112/0862302d/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list