[Git][security-tracker-team/security-tracker][master] various spus

Wed Mar 20 17:04:09 GMT 2019

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
712a1356 by Moritz Muehlenhoff at 2019-03-20T17:03:38Z
various spus

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -44425,10 +44425,12 @@ CVE-2018-12182
 CVE-2018-12181 [Stack buffer overflow with corrupted BMP]
 	RESERVED
 	- edk2 0~20181115.85588389-3 (bug #924615)
+	[stretch] - edk2 <no-dsa> (Minor issue, will be fixed via point update)
 	NOTE: https://lists.01.org/pipermail/edk2-devel/2019-March/037626.html
 CVE-2018-12180 [Buffer Overflow in BlockIo service for RAM disk]
 	RESERVED
 	- edk2 0~20181115.85588389-3 (bug #924615)
+	[stretch] - edk2 <no-dsa> (Minor issue, will be fixed via point update)
 	[jessie] - edk2 <end-of-life> (non-free is not supported)
 	NOTE: https://lists.01.org/pipermail/edk2-devel/2019-February/037248.html
 	NOTE: https://lists.01.org/pipermail/edk2-devel/2019-February/037249.html
@@ -44440,6 +44442,7 @@ CVE-2018-12179
 CVE-2018-12178 [improper DNS packet size check]
 	RESERVED
 	- edk2 0~20181115.85588389-3 (bug #924615)
+	[stretch] - edk2 <no-dsa> (Minor issue, will be fixed via point update)
 	[jessie] - edk2 <end-of-life> (non-free is not supported)
 	NOTE: https://lists.01.org/pipermail/edk2-devel/2019-February/037251.html
 	NOTE: https://github.com/tianocore/edk2/commit/84110bbe4bb3a346514b9bb12eadb7586bca7dfd


=====================================
data/next-point-update.txt
=====================================
@@ -76,3 +76,17 @@ CVE-2018-1049
 	[stretch] - systemd 232-25+deb9u10
 CVE-2018-15686
 	[stretch] - systemd 232-25+deb9u10
+CVE-2019-5736
+	[stretch] - runc 0.1.1+dfsg1-2+deb9u1
+CVE-2018-12181
+	[stretch] - edk2 0~20161202.7bbe0b3e-1+deb9u1
+CVE-2018-12180
+	[stretch] - edk2 0~20161202.7bbe0b3e-1+deb9u1
+CVE-2018-12178
+	[stretch] - edk2 0~20161202.7bbe0b3e-1+deb9u1
+CVE-2016-9843
+	[stretch] - rsync 3.1.2-1+deb9u1
+CVE-2016-9842
+	[stretch] - rsync 3.1.2-1+deb9u1
+CVE-2016-9841
+	[stretch] - rsync 3.1.2-1+deb9u1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/712a13562f1a98548dc60f0677a81976929c8444

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/712a13562f1a98548dc60f0677a81976929c8444
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190320/731b35a3/attachment-0001.html>
