[Git][security-tracker-team/security-tracker][master] CVE-2018-20860/libopenmpt assigned

Salvatore Bonaccorso carnil at debian.org
Wed Jul 31 22:35:13 BST 2019 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cef964a6 by Salvatore Bonaccorso at 2019-07-31T21:34:07Z
CVE-2018-20860/libopenmpt assigned

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -747,8 +747,6 @@ CVE-2018-20862 (cPanel before 76.0.8 unsafely performs PostgreSQL password chang
 	NOT-FOR-US: cPanel
 CVE-2018-20861 (libopenmpt before 0.3.11 allows a crash with certain malformed custom  ...)
 	TODO: check
-CVE-2018-20860 (libopenmpt before 0.3.13 allows a crash with malformed MED files. ...)
-	TODO: check
 CVE-2018-20859 (edx-platform before 2018-07-18 allows XSS via a response to a Chemical ...)
 	NOT-FOR-US: Open edX
 CVE-2018-20858
@@ -42595,7 +42593,7 @@ CVE-2018-18557 (LibTIFF 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG
 	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1697
 	NOTE: https://gitlab.com/libtiff/libtiff/merge_requests/38
 	NOTE: https://gitlab.com/libtiff/libtiff/commit/681748ec2f5ce88da5f9fa6831e1653e46af8a66
-CVE-2018-XXXX [out of bounds memory read in MED files]
+CVE-2018-20860 [out of bounds memory read in MED files]
 	- libopenmpt 0.3.13-1 (low; bug #911584)
 	[stretch] - libopenmpt <no-dsa> (Minor issue)
 	NOTE: https://lib.openmpt.org/libopenmpt/2018/10/21/security-updates-0.3.13-0.2.10933-beta36-0.2.7561-beta20.5-p11-0.2.7386-beta20.3-p14/



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cef964a60651a2b2bc7c93ecfb68f2dc12f7e737

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/cef964a60651a2b2bc7c93ecfb68f2dc12f7e737
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190731/66b9c32d/attachment.html>

More information about the debian-security-tracker-commits mailing list