[Git][security-tracker-team/security-tracker][master] mark CVE-2018-20337 CVE-2018-20363 as not affected for jessie
Abhijith PA
gitlab at salsa.debian.org
Mon Jan 14 17:42:30 GMT 2019
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e64c407a by Abhijith PA at 2019-01-14T17:41:49Z
mark CVE-2018-20337 CVE-2018-20363 as not affected for jessie
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6819,6 +6819,7 @@ CVE-2018-20364 (LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL
NOTE: CVE-2018-20363, CVE-2018-20364 and CVE-2018-20365 have same root cause
CVE-2018-20363 (LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer ...)
- libraw 0.19.2-2 (bug #917113)
+ [jessie] - libraw <not-affected> (Vulnerable code not present)
NOTE: https://github.com/LibRaw/LibRaw/issues/193
NOTE: Fixed by: https://github.com/LibRaw/LibRaw/commit/7e29b9f29449fde30cc878fbb137d61c14bba3a4
NOTE: Additionally needed: https://github.com/LibRaw/LibRaw/commit/a7c17cb6bbec1e79f058d84511f9c3b142cbdfa7
@@ -6894,6 +6895,7 @@ CVE-2018-20338 (Zoho ManageEngine OpManager 12.3 before build 123239 allows SQL
NOT-FOR-US: Zoho ManageEngine OpManager
CVE-2018-20337 (There is a stack-based buffer overflow in the parse_makernote function ...)
- libraw 0.19.2-1 (bug #917080)
+ [jessie] - libraw <not-affected> (Vulnerable code not present)
NOTE: https://github.com/LibRaw/LibRaw/issues/192
CVE-2018-20336
RESERVED
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e64c407af05136130152f065e9885fa1160f70a0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e64c407af05136130152f065e9885fa1160f70a0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190114/5377bc5a/attachment.html>
More information about the debian-security-tracker-commits
mailing list