[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-19105,librecad: Debian bug reported
Markus Koschany
apo at debian.org
Sun May 5 15:59:09 BST 2019
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2fe91229 by Markus Koschany at 2019-05-05T14:58:10Z
CVE-2018-19105,librecad: Debian bug reported
- - - - -
d365dfbd by Markus Koschany at 2019-05-05T14:58:50Z
Claim librecad in dla-needed.txt
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
@@ -32133,7 +32133,7 @@ CVE-2018-19107 (In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called fro
CVE-2018-19106 (Avi Vantage before 17.2.13 uses an invalid URL encoding during a redir ...)
NOT-FOR-US: Avi Vantage
CVE-2018-19105 (LibreCAD 2.1.3 allows remote attackers to cause a denial of service (0 ...)
- - librecad <unfixed>
+ - librecad <unfixed> (bug #928477)
NOTE: https://code610.blogspot.com/2018/11/crashing-librecad-213.html
NOTE: https://github.com/LibreCAD/LibreCAD/issues/1038
NOTE: Fixed by https://github.com/LibreCAD/LibreCAD/commit/6da7cc5f7f31afb008f03dbd11e07207ccd82085
=====================================
data/dla-needed.txt
=====================================
@@ -83,6 +83,8 @@ libmatio (Adrian Bunk)
NOTE: 20190428: some CVE testcases still fail after applying the fix,
NOTE: 20190428: older changes seem to also be required for them
--
+librecad (Markus Koschany)
+--
libspring-security-2.0-java
--
linux (Ben Hutchings)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/1e5696a84c2fa4f5252ae6f5fc513426ee57aefc...d365dfbda6ca6611ff43b7c7d547eb87fc21e902
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/1e5696a84c2fa4f5252ae6f5fc513426ee57aefc...d365dfbda6ca6611ff43b7c7d547eb87fc21e902
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190505/bb5a3422/attachment.html>
More information about the debian-security-tracker-commits
mailing list