[Git][security-tracker-team/security-tracker][master] non issues in catdoc and recutils

Wed Jan 16 22:18:02 GMT 2019

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5a5aa3f2 by Moritz Muehlenhoff at 2019-01-16T22:17:34Z
non issues in catdoc and recutils

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,17 +5,23 @@ CVE-2019-6461 (An issue was discovered in cairo 1.16.0. There is an assertion pr
 	- cairo <unfixed>
 	NOTE: https://gitlab.freedesktop.org/cairo/cairo/issues/352
 CVE-2019-6460 (An issue was discovered in GNU Recutils 1.8. There is a NULL pointer ...)
-	TODO: check
+	- recutils <unfixed> (unimportant)
+	NOTE: Negligable security impact
 CVE-2019-6459 (An issue was discovered in GNU Recutils 1.8. There is a memory leak in ...)
-	TODO: check
+	- recutils <unfixed> (unimportant)
+	NOTE: Negligable security impact
 CVE-2019-6458 (An issue was discovered in GNU Recutils 1.8. There is a memory leak in ...)
-	TODO: check
+	- recutils <unfixed> (unimportant)
+	NOTE: Negligable security impact
 CVE-2019-6457 (An issue was discovered in GNU Recutils 1.8. There is a memory leak in ...)
-	TODO: check
+	- recutils <unfixed> (unimportant)
+	NOTE: Negligable security impact
 CVE-2019-6456 (An issue was discovered in GNU Recutils 1.8. There is a NULL pointer ...)
-	TODO: check
+	- recutils <unfixed> (unimportant)
+	NOTE: Negligable security impact
 CVE-2019-6455 (An issue was discovered in GNU Recutils 1.8. There is a double-free ...)
-	TODO: check
+	- recutils <unfixed> (unimportant)
+	NOTE: Negligable security impact
 CVE-2019-6454
 	RESERVED
 CVE-2019-6453
@@ -7143,12 +7149,14 @@ CVE-2018-20455 (In radare2 prior to 3.1.1, the parseOperand function inside ...)
 CVE-2018-20454 (An issue was discovered in 74cms v4.2.111. ...)
 	NOT-FOR-US: 74cms
 CVE-2018-20453 (The getlong function in numutils.c in libdoc through 2017-10-23 has a ...)
-	TODO: check, potentially affects src:catdoc
+	- catdoc <unfixed> (unimportant; bug #919526)
+	NOTE: Crash in CLI tool, no security impact
 CVE-2018-20452 (The read_MSAT_body function in ole.c in libxls 1.4.0 has an invalid ...)
 	- r-cran-readxl <unfixed> (bug #919324)
 	NOTE: https://github.com/evanmiller/libxls/issues/35
 CVE-2018-20451 (The process_file function in reader.c in libdoc through 2017-10-23 has ...)
-	TODO: check, potentially affects src:catdoc
+	- catdoc <unfixed> (unimportant; bug #919526)
+	NOTE: Crash in CLI tool, no security impact
 CVE-2018-20450 (The read_MSAT function in ole.c in libxls 1.4.0 has a double free that ...)
 	- r-cran-readxl <unfixed> (bug #919324)
 	NOTE: https://github.com/evanmiller/libxls/issues/34



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5a5aa3f27742cf4bca5026a239622066ecb8f166

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/5a5aa3f27742cf4bca5026a239622066ecb8f166
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190116/a3a51afe/attachment.html>
