[Git][security-tracker-team/security-tracker][master] Mark libgig CVE as unfixed in unstable

Markus Koschany apo at debian.org
Fri Nov 8 23:10:24 GMT 2019 


Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e405dd55 by Markus Koschany at 2019-11-08T23:10:10Z
Mark libgig CVE as unfixed in unstable

I could reproduce all issues in unstable. Buster is most likely also affected.
Some CVE cannot be reproduced in Jessie and Stretch because in these versions
the required gigtools (gigmerge, gig2stereo) are not available to confirm the
ASAN reports. However affected code does still exist AFAICS. It may be possible to
trigger the same bug via a different code path.

Upstream confirmed to me via private email that there was no work on CVE-2018-*
issues. I will go into more details by responding to Debian bug #931309.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -60478,22 +60478,22 @@ CVE-2018-18199 (Mediamanager in REDAXO before 5.6.4 has XSS. ...)
 CVE-2018-18198 (The $opener_input_field variable in addons/mediapool/pages/index.php i ...)
 	NOT-FOR-US: REDAXO
 CVE-2018-18197 (An issue was discovered in libgig 4.1.0. There is an operator new[] fa ...)
-	- libgig <undetermined> (bug #931309)
+	- libgig <unfixed> (bug #931309)
 	NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README-1008.md
 CVE-2018-18196 (An issue was discovered in libgig 4.1.0. There is a heap-based buffer  ...)
-	- libgig <undetermined> (bug #931309)
+	- libgig <unfixed> (bug #931309)
 	NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README-1008.md
 CVE-2018-18195 (An issue was discovered in libgig 4.1.0. There is an FPE (divide-by-ze ...)
-	- libgig <undetermined> (bug #931309)
+	- libgig <unfixed> (bug #931309)
 	NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README-1008.md
 CVE-2018-18194 (An issue was discovered in libgig 4.1.0. There is a heap-based buffer  ...)
-	- libgig <undetermined> (bug #931309)
+	- libgig <unfixed> (bug #931309)
 	NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README-1008.md
 CVE-2018-18193 (An issue was discovered in libgig 4.1.0. There is operator new[] failu ...)
-	- libgig <undetermined> (bug #931309)
+	- libgig <unfixed> (bug #931309)
 	NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README-1008.md
 CVE-2018-18192 (An issue was discovered in libgig 4.1.0. There is a NULL pointer deref ...)
-	- libgig <undetermined> (bug #931309)
+	- libgig <unfixed> (bug #931309)
 	NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README-1008.md
 CVE-2018-18191 (Cross-site request forgery (CSRF) vulnerability in /admin.php?c=member ...)
 	NOT-FOR-US: FineCms
@@ -70232,37 +70232,37 @@ CVE-2018-14460 (An issue was discovered in the HDF HDF5 1.8.20 library. There is
 	- hdf5 <undetermined>
 	NOTE: https://github.com/TeamSeri0us/pocs/blob/master/hdf5/README3.md
 CVE-2018-14459 (An issue was discovered in libgig 4.1.0. There is an out-of-bounds wri ...)
-	- libgig <undetermined> (bug #931309)
+	- libgig <unfixed> (bug #931309)
 	NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
 CVE-2018-14458 (An issue was discovered in libgig 4.1.0. There is a heap-based buffer  ...)
-	- libgig <undetermined> (bug #931309)
+	- libgig <unfixed> (bug #931309)
 	NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
 CVE-2018-14457 (An issue was discovered in libgig 4.1.0. There is an out-of-bounds wri ...)
-	- libgig <undetermined> (bug #931309)
+	- libgig <unfixed> (bug #931309)
 	NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
 CVE-2018-14456 (An issue was discovered in libgig 4.1.0. There is an out-of-bounds wri ...)
-	- libgig <undetermined> (bug #931309)
+	- libgig <unfixed> (bug #931309)
 	NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
 CVE-2018-14455 (An issue was discovered in libgig 4.1.0. There is an out-of-bounds wri ...)
-	- libgig <undetermined> (bug #931309)
+	- libgig <unfixed> (bug #931309)
 	NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
 CVE-2018-14454 (An issue was discovered in libgig 4.1.0. There is an out-of-bounds rea ...)
-	- libgig <undetermined> (bug #931309)
+	- libgig <unfixed> (bug #931309)
 	NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
 CVE-2018-14453 (An issue was discovered in libgig 4.1.0. There is a heap-based buffer  ...)
-	- libgig <undetermined> (bug #931309)
+	- libgig <unfixed> (bug #931309)
 	NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
 CVE-2018-14452 (An issue was discovered in libgig 4.1.0. There is an out-of-bounds rea ...)
-	- libgig <undetermined> (bug #931309)
+	- libgig <unfixed> (bug #931309)
 	NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
 CVE-2018-14451 (An issue was discovered in libgig 4.1.0. There is a heap-based buffer  ...)
-	- libgig <undetermined> (bug #931309)
+	- libgig <unfixed> (bug #931309)
 	NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
 CVE-2018-14450 (An issue was discovered in libgig 4.1.0. There is an out-of-bounds rea ...)
-	- libgig <undetermined> (bug #931309)
+	- libgig <unfixed> (bug #931309)
 	NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
 CVE-2018-14449 (An issue was discovered in libgig 4.1.0. There is an out of bounds rea ...)
-	- libgig <undetermined> (bug #931309)
+	- libgig <unfixed> (bug #931309)
 	NOTE: https://github.com/TeamSeri0us/pocs/blob/master/libgig/README.md
 CVE-2018-14448 (Codec::parse in track.cpp in Untrunc through 2018-06-07 has a NULL poi ...)
 	- untrunc <itp> (bug #702476)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e405dd55a933e0c07544f43b162baf0899b29780

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e405dd55a933e0c07544f43b162baf0899b29780
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191108/886edc32/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list