[Git][security-tracker-team/security-tracker][master] Add CVE-2018-16846/ceph

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f03adf7e by Salvatore Bonaccorso at 2019-01-15T07:57:21Z
Add CVE-2018-16846/ceph

Mark as undetermined for now as further investigation needs to be
performed.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -22798,8 +22798,11 @@ CVE-2018-16847 (An OOB heap buffer r/w access issue was found in the NVM Express
 	- qemu-kvm <not-affected> (support for Controller Memory Buffers added later)
 	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2018-11/msg00200.html
 	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=87ad860c622cc8f8916b5232bd8728c08f938fce
-CVE-2018-16846
+CVE-2018-16846 [ListBucket max-keys has no defined limit in the RGW codebase]
 	RESERVED
+	- ceph <undetermined>
+	NOTE: http://tracker.ceph.com/issues/35994
+	NOTE: https://github.com/ceph/ceph/commit/ab29bed2fc9f961fe895de1086a8208e21ddaddc
 CVE-2018-16845 (nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ...)
 	{DSA-4335-1 DLA-1572-1}
 	- nginx 1.14.1-1 (bug #913090)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f03adf7e6c4773a711f8a36a2125c16b67f65fbc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f03adf7e6c4773a711f8a36a2125c16b67f65fbc
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190115/cd6081fb/attachment-0001.html>