[Git][security-tracker-team/security-tracker][master] Add upstream references for CVE-2018-2045{0,2}/r-cran-readxl
Salvatore Bonaccorso
carnil at debian.org
Tue Jan 15 05:38:58 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
14894804 by Salvatore Bonaccorso at 2019-01-15T05:36:15Z
Add upstream references for CVE-2018-2045{0,2}/r-cran-readxl
Note that the upstream issues were present now disspaperared for some
reasons (cf. https://bugs.debian.org/919324#19)
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6657,10 +6657,12 @@ CVE-2018-20453 (The getlong function in numutils.c in libdoc through 2017-10-23
TODO: check, potentially affects src:catdoc
CVE-2018-20452 (The read_MSAT_body function in ole.c in libxls 1.4.0 has an invalid ...)
- r-cran-readxl <unfixed> (bug #919324)
+ NOTE: https://github.com/evanmiller/libxls/issues/35
CVE-2018-20451 (The process_file function in reader.c in libdoc through 2017-10-23 has ...)
TODO: check, potentially affects src:catdoc
CVE-2018-20450 (The read_MSAT function in ole.c in libxls 1.4.0 has a double free that ...)
- r-cran-readxl <unfixed> (bug #919324)
+ NOTE: https://github.com/evanmiller/libxls/issues/34
CVE-2018-20449
RESERVED
CVE-2018-20448 (Frog CMS 0.9.5 has XSS via the Database name field to the ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/14894804cba9757b8fbcbb34217a58a774f896df
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/14894804cba9757b8fbcbb34217a58a774f896df
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190115/02cdce7a/attachment.html>
More information about the debian-security-tracker-commits
mailing list