[Git][security-tracker-team/security-tracker][master] follow security team with CVEs for libsolv
Thorsten Alteholz
alteholz at debian.org
Mon Mar 25 19:36:37 GMT 2019
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e976d26f by Thorsten Alteholz at 2019-03-25T19:34:50Z
follow security team with CVEs for libsolv
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -16527,18 +16527,21 @@ CVE-2018-20535 (There is a use-after-free at asm/preproc.c (function pp_getline)
CVE-2018-20534 (There is an illegal address access at src/pool.h (function pool_whatpr ...)
- libsolv <unfixed> (low; bug #923002)
[stretch] - libsolv <ignored> (Minor issue)
+ [jessie] - libsolv <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652604
NOTE: https://github.com/openSUSE/libsolv/pull/291
NOTE: https://github.com/openSUSE/libsolv/commit/4830af9d979d3685de538b80fbeba51ad590525e
CVE-2018-20533 (There is a NULL pointer dereference at ext/testcase.c (function testca ...)
- libsolv <unfixed> (low; bug #923002)
[stretch] - libsolv <ignored> (Minor issue)
+ [jessie] - libsolv <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652599
NOTE: https://github.com/openSUSE/libsolv/pull/291
NOTE: https://github.com/openSUSE/libsolv/commit/4830af9d979d3685de538b80fbeba51ad590525e
CVE-2018-20532 (There is a NULL pointer dereference at ext/testcase.c (function testca ...)
- libsolv <unfixed> (low; bug #923002)
[stretch] - libsolv <ignored> (Minor issue)
+ [jessie] - libsolv <ignored> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1652605
NOTE: https://github.com/openSUSE/libsolv/pull/291
NOTE: https://github.com/openSUSE/libsolv/commit/4830af9d979d3685de538b80fbeba51ad590525e
=====================================
data/dla-needed.txt
=====================================
@@ -58,9 +58,6 @@ libraw (Thorsten Alteholz)
NOTE: and CVE-2018-20365 as no DSA.
NOTE: 20190317: still wading through CVEs
--
-libsolv
- NOTE: 20190127: maintainer is Mike Gabriel
---
libssh2 (Mike Gabriel)
--
linux (Ben Hutchings)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e976d26fb817b1922f6ea4244efdf8a78cf20034
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e976d26fb817b1922f6ea4244efdf8a78cf20034
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190325/13cb9721/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list