[Git][security-tracker-team/security-tracker][master] Add a CVE description to the recent clamav/libclamunrar entries

Sebastian Siewior bigeasy at debian.org
Sun Mar 31 22:38:38 BST 2019 


Sebastian Siewior pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0800dc99 by Sebastian Andrzej Siewior at 2019-03-31T21:38:08Z
Add a CVE description to the recent clamav/libclamunrar entries

Signed-off-by: Sebastian Andrzej Siewior <sebastian at breakpoint.cc>

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -23207,7 +23207,7 @@ CVE-2019-1800
 	RESERVED
 CVE-2019-1799
 	RESERVED
-CVE-2019-1798
+CVE-2019-1798 (A use-after-free condition may occur when scanning nested RAR archives.)
 	RESERVED
 	- libclamunrar 0.101.2-1
 	[stretch] - libclamunrar <not-affected> (Vulnerable code only present in 0.101.1 and 0.101.0)
@@ -23231,25 +23231,25 @@ CVE-2019-1791
 	RESERVED
 CVE-2019-1790
 	RESERVED
-CVE-2019-1789
+CVE-2019-1789 (An out-of-bounds heap read condition when scanning PE files.)
 	RESERVED
 	- clamav 0.101.2+dfsg-1
 	NOTE: https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
-CVE-2019-1788
+CVE-2019-1788 (An out-of-bounds heap write condition when scanning OLE2 files.)
 	RESERVED
 	- clamav 0.101.2+dfsg-1
 	NOTE: https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
-CVE-2019-1787
+CVE-2019-1787 (An out-of-bounds heap read condition when scanning PDF documents.)
 	RESERVED
 	- clamav 0.101.2+dfsg-1
 	NOTE: https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
-CVE-2019-1786
+CVE-2019-1786 (An out-of-bounds heap read may occur when scanning malformed PDF documents.)
 	RESERVED
 	- clamav 0.101.2+dfsg-1
 	[stretch] - clamav <not-affected> (Vulnerable code only present in 0.101.1 and 0.101.0)
 	[jessie] - clamav <not-affected> (Vulnerable code introduced later)
 	NOTE: https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
-CVE-2019-1785
+CVE-2019-1785 (A path-traversal write condition may occur when scanning RAR archives.)
 	RESERVED
 	- libclamunrar 0.101.2-1
 	[stretch] - libclamunrar <not-affected> (Vulnerable code only present in 0.101.1 and 0.101.0)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0800dc99199443d4841587f7afebbc47ab6728f0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0800dc99199443d4841587f7afebbc47ab6728f0
You're receiving this email because of your account on salsa.debian.org.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190331/6f470dce/attachment.html>

More information about the debian-security-tracker-commits mailing list