[Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-1000888/php-pear
Salvatore Bonaccorso
carnil at debian.org
Mon Jan 14 11:59:22 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2f896acf by Salvatore Bonaccorso at 2019-01-14T11:58:57Z
Add fixed version for CVE-2018-1000888/php-pear
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6413,7 +6413,7 @@ CVE-2018-1000890 (FrontAccounting 2.4.5 contains a Time Based Blind SQL Injectio
CVE-2018-1000889 (Logisim Evolution version 2.14.3 and earlier contains an XML External ...)
NOT-FOR-US: Logisim Evolution
CVE-2018-1000888 (PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 ...)
- - php-pear <unfixed> (bug #919147)
+ - php-pear 1:1.10.6+submodules+notgz-1.1 (bug #919147)
NOTE: https://pear.php.net/bugs/bug.php?id=23782
NOTE: https://github.com/pear/Archive_Tar/commit/59ace120ac5ceb5f0d36e40e48e1884de1badf76
CVE-2018-1000887 (Peel shopping peel-shopping_9_1_0 version contains a Cross Site ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2f896acfc4e685beeafa1238568486499b813f52
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2f896acfc4e685beeafa1238568486499b813f52
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190114/0cee8030/attachment.html>
More information about the debian-security-tracker-commits
mailing list