[Git][security-tracker-team/security-tracker][master] 2 commits: Add references for CVE-2017-2808/ledger
Salvatore Bonaccorso
carnil at debian.org
Sat Jan 26 20:52:43 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1ed87bc3 by Salvatore Bonaccorso at 2019-01-26T20:50:00Z
Add references for CVE-2017-2808/ledger
- - - - -
acb3af08 by Salvatore Bonaccorso at 2019-01-26T20:50:50Z
Add references for CVE-2017-2807
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -115878,12 +115878,16 @@ CVE-2017-2808 (An exploitable use-after-free vulnerability exists in the account
[jessie] - ledger <no-dsa> (Minor issue)
[wheezy] - ledger <no-dsa> (Minor issue)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0304
+ NOTE: https://github.com/ledger/ledger/issues/1723
+ NOTE: https://github.com/ledger/ledger/commit/f3bad93db256db07b6cb831d4d24f47543f57e4a
CVE-2017-2807 (An exploitable buffer overflow vulnerability exists in the tag parsing ...)
- ledger <unfixed> (low; bug #876660)
[stretch] - ledger <no-dsa> (Minor issue)
[jessie] - ledger <no-dsa> (Minor issue)
[wheezy] - ledger <no-dsa> (Minor issue)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0303
+ NOTE: https://github.com/ledger/ledger/issues/1722
+ NOTE: https://github.com/ledger/ledger/commit/5682f377aed5b0db6b6c4a44b1d8868103b7e9f7
CVE-2017-2806 (An exploitable arbitrary read exists in the XLS parsing of the Lexmark ...)
NOT-FOR-US: Lexmark Perspective Document Filters conversion functionality
CVE-2017-2805 (An exploitable stack-based buffer overflow vulnerability exists in the ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/54eae2de5befa0fd52e5ccac08f0641bd97ebc6f...acb3af08418561ee15b5c35cffe3fe384613f597
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/54eae2de5befa0fd52e5ccac08f0641bd97ebc6f...acb3af08418561ee15b5c35cffe3fe384613f597
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190126/67dcb45b/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list