[Git][security-tracker-team/security-tracker][master] CVE-2018-20001,CVE-2018-19130/libav: postponed, not reproducible, requested more info from finders
Sylvain Beucler
beuc at debian.org
Fri Nov 15 20:32:26 GMT 2019
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
446c2fc4 by Sylvain Beucler at 2019-11-15T20:31:50Z
CVE-2018-20001,CVE-2018-19130/libav: postponed, not reproducible, requested more info from finders
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -52168,7 +52168,7 @@ CVE-2018-20002 (The _bfd_generic_read_minisymbols function in syms.c in the Bina
NOTE: binutils not covered by security support
CVE-2018-20001 (In Libav 12.3, there is a floating point exception in the range_decode ...)
- libav <removed>
- [jessie] - libav <no-dsa> (floating point exception cannot be observed on Jessie)
+ [jessie] - libav <postponed> (not reproducible, requested more info from finder)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1141
CVE-2018-20000 (Apereo Bedework bw-webdav before 4.0.3 allows XXE attacks, as demonstr ...)
NOT-FOR-US: Apereo Bedework bw-webdav
@@ -58512,6 +58512,7 @@ CVE-2018-19133 (In Flarum Core 0.1.0-beta.7.1, a serious leak can get everyone's
NOT-FOR-US: Flarum Core
CVE-2018-19130 (In Libav 12.3, there is an invalid memory access in vc1_decode_frame i ...)
- libav <removed>
+ [jessie] - libav <postponed> (not reproducible, requested more info from finder)
NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1139
CVE-2018-19129 (In Libav 12.3, a NULL pointer dereference (RIP points to zero) issue i ...)
- libav <removed>
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/446c2fc41307646d0d1348337a39027271a16ee7
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/446c2fc41307646d0d1348337a39027271a16ee7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191115/ddb39ada/attachment.html>
More information about the debian-security-tracker-commits
mailing list