[Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-10771 and CVE-2018-10753 in unstable

Salvatore Bonaccorso carnil at debian.org
Sun Jan 13 15:46:08 GMT 2019 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
877e60c3 by Salvatore Bonaccorso at 2019-01-13T15:45:52Z
Add fixed version for CVE-2018-10771 and CVE-2018-10753 in unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -38818,7 +38818,7 @@ CVE-2018-10772 (The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26
 	- exiv2 <not-affected> (Vulnerable code introduced after 0.25)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1566260
 CVE-2018-10771 (Stack-based buffer overflow in the get_key function in parse.c in ...)
-	- abcm2ps <unfixed> (unimportant; bug #898130)
+	- abcm2ps 8.14.2-0.1 (unimportant; bug #898130)
 	NOTE: https://github.com/leesavide/abcm2ps/issues/17
 	NOTE: https://github.com/leesavide/abcm2ps/commit/dc0372993674d0b50fedfbf7b9fad1239b8efc5f
 	NOTE: Crash in CLI tool (neutralised by toolchain hardening), no security impact
@@ -38875,7 +38875,7 @@ CVE-2018-10754 (In ncurses before 6.1.20180414, there is a NULL Pointer Derefere
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1566575
 	NOTE: https://invisible-island.net/ncurses/NEWS.html#t20180414
 CVE-2018-10753 (Stack-based buffer overflow in the delayed_output function in music.c ...)
-	- abcm2ps <unfixed> (unimportant; bug #897966)
+	- abcm2ps 8.14.2-0.1 (unimportant; bug #897966)
 	NOTE: https://github.com/leesavide/abcm2ps/issues/16
 	NOTE: https://github.com/leesavide/abcm2ps/commit/fd956e19f88ee32f8ec4aece5901400b06e80bcc
 	NOTE: Crash in CLI tool, no security impact



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/877e60c3673061edf63ab2ee0bbad6763808dfee

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/877e60c3673061edf63ab2ee0bbad6763808dfee
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190113/67720b0f/attachment.html>

More information about the debian-security-tracker-commits mailing list