[Git][security-tracker-team/security-tracker][master] Add fixed versions for CVE-2018-1686{4,5}/systemd
Salvatore Bonaccorso
carnil at debian.org
Sun Jan 13 07:30:14 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a3c75fcd by Salvatore Bonaccorso at 2019-01-13T07:29:33Z
Add fixed versions for CVE-2018-1686{4,5}/systemd
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -22590,7 +22590,7 @@ CVE-2018-16866 (An out of bounds read was discovered in systemd-journald in the
NOTE: https://www.openwall.com/lists/oss-security/2019/01/09/3
NOTE: https://www.qualys.com/2019/01/09/system-down/system-down.txt
CVE-2018-16865 (An allocation of memory without limits, that could result in the stack ...)
- - systemd <unfixed> (bug #918848)
+ - systemd 240-4 (bug #918848)
NOTE: Intorduced in: https://github.com/systemd/systemd/commit/cf244689e9d1ab50082c9ddd0f3c4d1eb982badc (v38)
NOTE: Exploitable since: https://github.com/systemd/systemd/commit/c4aa09b06f835c91cea9e021df4c3605cff2318d (v201)
NOTE: Fixed by: https://github.com/systemd/systemd/commit/052c57f132f04a3cf4148f87561618da1a6908b4
@@ -22599,7 +22599,7 @@ CVE-2018-16865 (An allocation of memory without limits, that could result in the
NOTE: https://www.openwall.com/lists/oss-security/2019/01/09/3
NOTE: https://www.qualys.com/2019/01/09/system-down/system-down.txt
CVE-2018-16864 (An allocation of memory without limits, that could result in the stack ...)
- - systemd <unfixed> (bug #918841)
+ - systemd 240-4 (bug #918841)
NOTE: Introduced in: https://github.com/systemd/systemd/commit/ae018d9bc900d6355dea4af05119b49c67945184 (v203)
NOTE: Exploitable since: https://github.com/systemd/systemd/commit/ac2e41f5103ce2c679089c4f8fb6be61d7caec07 (v230)
NOTE: Fixed by: https://github.com/systemd/systemd/commit/084eeb865ca63887098e0945fb4e93c852b91b0f
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a3c75fcdffe4475e1ac451db92c86111c9f55410
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a3c75fcdffe4475e1ac451db92c86111c9f55410
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190113/fc62f5b3/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list