[Git][security-tracker-team/security-tracker][master] Add references for CVE-2017-1248{1,2}/ledger

Sat Jan 26 20:55:38 GMT 2019

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b11393bf by Salvatore Bonaccorso at 2019-01-26T20:55:06Z
Add references for CVE-2017-1248{1,2}/ledger

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -85937,12 +85937,16 @@ CVE-2017-12482 (The ledger::parse_date_mask_routine function in times.cc in Ledg
 	[jessie] - ledger <no-dsa> (Minor issue)
 	[wheezy] - ledger <no-dsa> (Minor issue)
 	NOTE: http://bugs.ledger-cli.org/show_bug.cgi?id=1224
+	NOTE: https://github.com/ledger/ledger/issues/1224
+	NOTE: https://github.com/ledger/ledger/commit/7c0ae5b02571e21f97d45f5d091cb78af9885713
 CVE-2017-12481 (The find_option function in option.cc in Ledger 3.1.1 allows remote ...)
 	- ledger <unfixed> (low; bug #870900)
 	[stretch] - ledger <no-dsa> (Minor issue)
 	[jessie] - ledger <no-dsa> (Minor issue)
 	[wheezy] - ledger <no-dsa> (Minor issue)
 	NOTE: http://bugs.ledger-cli.org/show_bug.cgi?id=1222
+	NOTE: https://github.com/ledger/ledger/issues/1222
+	NOTE: https://github.com/ledger/ledger/commit/c5343f18744d0f6fddcc590f9a54c23674d8c489
 CVE-2017-12480 (Sandboxie installer 5071703 has a DLL Hijacking or Unsafe DLL Loading ...)
 	NOT-FOR-US: Sandboxie
 CVE-2017-12479 (It was discovered that an issue in the session logic in Unitrends ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b11393bf7ba3dcf9d1257ad8fcc0d7a7f2a23a80

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b11393bf7ba3dcf9d1257ad8fcc0d7a7f2a23a80
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190126/1b8bb802/attachment.html>
