[Git][security-tracker-team/security-tracker][master] automatic update

Sun Mar 10 20:10:40 GMT 2019

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f9d3d59a by security tracker role at 2019-03-10T20:10:28Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -28274,7 +28274,7 @@ CVE-2018-18090
 CVE-2018-18089
 	RESERVED
 CVE-2018-18088 (OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the ...)
-	{DLA-1579-1}
+	{DSA-4405-1 DLA-1579-1}
 	- openjpeg2 2.3.0-2 (low; bug #910763)
 	NOTE: https://github.com/uclouvain/openjpeg/issues/1152
 	NOTE: https://github.com/uclouvain/openjpeg/commit/cab352e249ed3372dd9355c85e837613fff98fa2
@@ -37781,7 +37781,7 @@ CVE-2018-14424 (The daemon in GDM through 3.29.1 does not properly unexport disp
 	NOTE: https://gitlab.gnome.org/GNOME/gdm/commit/6060db704a19b0db68f2e9e6a2d020c0c78b6bba
 	NOTE: https://gitlab.gnome.org/GNOME/gdm/commit/765b306c364885dd89d47fe9fe8618ce6a467bc1
 CVE-2018-14423 (Division-by-zero vulnerabilities in the functions pi_next_pcrl, ...)
-	{DLA-1614-1}
+	{DSA-4405-1 DLA-1614-1}
 	- openjpeg2 2.3.0-2 (low; bug #904873)
 	NOTE: https://github.com/uclouvain/openjpeg/issues/1123
 	NOTE: https://github.com/uclouvain/openjpeg/commit/bd88611ed9ad7144ec4f3de54790cd848175891b
@@ -58985,7 +58985,7 @@ CVE-2018-6618 (Easy Hosting Control Panel (EHCP) v0.37.12.b allows attackers to
 CVE-2018-6617 (Easy Hosting Control Panel (EHCP) v0.37.12.b, when using a local MySQL ...)
 	NOT-FOR-US: Easy Hosting Control Panel (EHCP)
 CVE-2018-6616 (In OpenJPEG 2.3.0, there is excessive iteration in the ...)
-	{DLA-1614-1}
+	{DSA-4405-1 DLA-1614-1}
 	- openjpeg2 2.3.0-2 (bug #889683)
 	NOTE: https://github.com/uclouvain/openjpeg/issues/1059
 	NOTE: https://github.com/uclouvain/openjpeg/commit/8ee335227bbcaf1614124046aa25e53d67b11ec3
@@ -61856,6 +61856,7 @@ CVE-2018-5786 (In Long Range Zip (aka lrzip) 0.631, there is an infinite loop an
 	[wheezy] - lrzip <no-dsa> (Minor issue)
 	NOTE: https://github.com/ckolivas/lrzip/issues/91
 CVE-2018-5785 (In OpenJPEG 2.3.0, there is an integer overflow caused by an ...)
+	{DSA-4405-1}
 	- openjpeg2 2.3.0-2 (low; bug #888533)
 	[jessie] - openjpeg2 <not-affected> (Vulnerable code introduced later)
 	NOTE: https://github.com/uclouvain/openjpeg/issues/1057
@@ -74427,7 +74428,7 @@ CVE-2017-17482 (An issue was discovered in OpenVMS through V8.4-2L2 on Alpha and
 CVE-2017-17481
 	RESERVED
 CVE-2017-17480 (In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the ...)
-	{DLA-1579-1}
+	{DSA-4405-1 DLA-1579-1}
 	- openjpeg2 2.3.0-2 (bug #884738)
 	NOTE: https://github.com/uclouvain/openjpeg/issues/1044
 	NOTE: https://github.com/uclouvain/openjpeg/commit/0bc90e4062a5f9258c91eca018c019b179066c62



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f9d3d59aa3b96d2cf7cfcfd5ae3f8e6108348429

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f9d3d59aa3b96d2cf7cfcfd5ae3f8e6108348429
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190310/84bcb1c6/attachment.html>
